urlscan.io logo urlscan.io
SecurityTrails logo

www.normantranscript.com Open in urlscan Pro
192.104.182.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://normantranscript.com/
Effective URL: https://www.normantranscript.com/
Submission: On January 09 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 120 IPs in 12 countries across 131 domains to perform 537 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is www.normantranscript.com.
TLS certificate: Issued by GTS CA 1P5 on December 10th 2023. Valid for: 3 months.
This is the only time www.normantranscript.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 192.104.182.209 10668 (LEE-ASN)
52 104.16.133.24 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
1 3.163.24.100 16509 (AMAZON-02)
2 34.87.122.136 396982 (GOOGLE-CL...)
19 2404:6800:400... 15169 (GOOGLE)
1 18.65.168.38 16509 (AMAZON-02)
4 216.17.34.107 10242 (USINTERNET)
2 2404:6800:400... 15169 (GOOGLE)
1 2606:2800:247... 15133 (EDGECAST)
2 54.82.174.208 14618 (AMAZON-AES)
1 2600:9000:20c... 16509 (AMAZON-02)
10 2404:6800:400... 15169 (GOOGLE)
4 2600:1901:0:6... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
5 2404:6800:400... 15169 (GOOGLE)
5 13.249.170.54 16509 (AMAZON-02)
1 2600:9000:24d... 16509 (AMAZON-02)
8 44.241.196.6 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
4 9 2620:116:800e... 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
4 13.35.40.29 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
1 130.211.10.17 396982 (GOOGLE-CL...)
4 2404:6800:400... 15169 (GOOGLE)
3 4 35.244.154.8 396982 (GOOGLE-CL...)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
15 18 142.250.207.2 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
20 2a02:b48:9001::1 39572 (ADVANCEDH...)
11 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 143.204.126.66 16509 (AMAZON-02)
1 35.160.151.220 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 143.204.86.87 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:1f18:44f... 14618 (AMAZON-AES)
2 18.65.201.30 16509 (AMAZON-02)
1 2620:116:800e... 16509 (AMAZON-02)
13 13.228.117.82 16509 (AMAZON-02)
3 31 172.64.151.101 13335 (CLOUDFLAR...)
2 2406:2600:4::12 55569 (CRITEO-AS...)
1 29 34.98.64.218 396982 (GOOGLE-CL...)
5 13 103.43.90.179 29990 (ASN-APPNEX)
1 2600:9000:216... 16509 (AMAZON-02)
1 107.22.83.82 14618 (AMAZON-AES)
2 3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 5 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
19 36 2600:9000:221... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
16 2404:6800:400... 15169 (GOOGLE)
1 34.117.126.186 396982 (GOOGLE-CL...)
2 20 209.54.182.161 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 34.120.58.62 396982 (GOOGLE-CL...)
2 18.213.227.39 14618 (AMAZON-AES)
7 2404:6800:400... 15169 (GOOGLE)
2 2406:2600:4::1 55569 (CRITEO-AS...)
2 2 2600:9000:21b... 16509 (AMAZON-02)
14 14 35.213.12.39 15169 (GOOGLE)
2 2 54.169.98.134 16509 (AMAZON-02)
2 2 35.208.249.213 15169 (GOOGLE)
2 4 52.69.213.237 16509 (AMAZON-02)
1 5 18.138.179.14 16509 (AMAZON-02)
4 23.39.216.189 16625 (AKAMAI-AS)
2 23.40.149.60 16625 (AKAMAI-AS)
7 8 18.143.106.89 16509 (AMAZON-02)
1 1 216.22.16.53 30633 (LEASEWEB-...)
5 6 8.39.36.141 26667 (RUBICONPR...)
4 207.65.34.81 62713 (AS-PUBMATIC)
8 9 3.33.220.150 16509 (AMAZON-02)
4 4 52.203.228.108 14618 (AMAZON-AES)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
4 4 2001:df2:a300... 6336 (TURN-US-ASN)
3 3 211.120.53.200 4694 (IDCF IDC ...)
2 2 50.31.142.255 23352 (SERVERCEN...)
2 2 35.75.90.59 16509 (AMAZON-02)
22 207.65.34.80 62713 (AS-PUBMATIC)
3 3 99.84.133.60 16509 (AMAZON-02)
2 5 34.111.113.62 396982 (GOOGLE-CL...)
1 4 52.77.13.91 16509 (AMAZON-02)
1 119.9.108.180 45187 (RACKSPACE...)
22 29 34.142.175.23 396982 (GOOGLE-CL...)
1 18.172.52.20 16509 (AMAZON-02)
1 22 18.65.185.71 16509 (AMAZON-02)
1 6 2406:da18:929... 16509 (AMAZON-02)
1 2 35.186.253.211 15169 (GOOGLE)
2 220.150.223.50 4686 (BEKKOAME ...)
2 151.101.129.108 54113 (FASTLY)
6 104.18.38.76 13335 (CLOUDFLAR...)
3 3 35.214.181.122 15169 (GOOGLE)
2 3 35.71.178.8 16509 (AMAZON-02)
8 13 8.39.36.142 26667 (RUBICONPR...)
2 3 2600:1f18:612... 14618 (AMAZON-AES)
1 1 23.219.68.21 16625 (AKAMAI-AS)
4 5 209.191.163.152 32475 (SINGLEHOP...)
1 2 139.99.123.105 16276 (OVH)
1 1 80.77.87.161 46636 (NATCOWEB)
1 1 23.106.127.38 59253 (LEASEWEB-...)
1 1 37.157.5.84 198622 (ADFORM)
6 8 74.118.186.107 6336 (TURN-US-ASN)
3 104.129.130.39 396949 (CLOUDWEBM...)
1 1 207.65.34.77 62713 (AS-PUBMATIC)
4 4 185.84.60.23 198622 (ADFORM)
3 3 18.142.92.8 16509 (AMAZON-02)
3 4 151.101.66.49 54113 (FASTLY)
1 1 34.111.147.92 396982 (GOOGLE-CL...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 18.177.11.95 16509 (AMAZON-02)
2 13.114.76.12 16509 (AMAZON-02)
3 3 54.174.90.242 14618 (AMAZON-AES)
1 1 3.114.3.225 16509 (AMAZON-02)
1 1 8.43.72.97 26667 (RUBICONPR...)
6 2404:6800:400... 15169 (GOOGLE)
1 67.220.228.203 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
12 209.191.163.210 14744 (INTERNAP-...)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 1 54.146.218.6 14618 (AMAZON-AES)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 2 35.75.206.175 16509 (AMAZON-02)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
2 2406:da18:22e... 16509 (AMAZON-02)
4 207.65.34.74 62713 (AS-PUBMATIC)
1 2 2406:2600:4::b 55569 (CRITEO-AS...)
1 182.161.74.11 55569 (CRITEO-AS...)
1 38.133.127.63 22075 (AS-OUTBRAIN)
1 1 35.79.245.176 16509 (AMAZON-02)
1 1 2600:9000:208... 16509 (AMAZON-02)
2 3 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 2 50.16.197.56 14618 (AMAZON-AES)
1 52.23.7.200 14618 (AMAZON-AES)
1 59.151.139.239 20940 (AKAMAI-ASN1)
1 1 142.250.198.2 15169 (GOOGLE)
2 141.95.33.120 16276 (OVH)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 35.186.193.173 15169 (GOOGLE)
1 1 45.137.176.88 60350 (VP)
2 2 18.178.207.225 16509 (AMAZON-02)
1 1 182.161.74.16 55569 (CRITEO-AS...)
1 1 172.104.105.5 63949 (AKAMAI-LI...)
1 1 82.145.213.8 ()
1 1 74.121.140.211 30419 (MEDIAMATH...)
1 1 198.8.71.130 54312 (ROCKETFUEL)
4 4 2a02:fa8:c411... 399104 (CNVR-APAC)
1 141.95.98.65 16276 (OVH)
1 72.34.250.78 27630 (AS-XFERNET)
1 35.213.64.108 ()
2 98.98.134.241 ()
1 1 51.68.39.188 ()
1 8.18.47.7 ()
2 2 52.198.23.127 ()
1 1 74.214.196.131 ()
1 2404:6800:400... ()
1 1 103.243.202.190 ()
1 2 23.106.127.57 ()
1 1 34.160.19.107 ()
537 120
10    192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
normantranscript.com
www.normantranscript.com
52    104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
2    2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    3.163.24.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-163-24-100.hio52.r.cloudfront.net
cdn-gateflipp.flippback.com
2    34.87.122.136 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 136.122.87.34.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
19    2404:6800:4004:811::2002 (Australia)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    18.65.168.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-168-38.nrt57.r.cloudfront.net
prod.adspsp.com
4    216.17.34.107 (United States)

ASN10242 (USINTERNET, US)
normantranscript-cnhi-pw.newsmemory.com
2    2404:6800:4004:818::2014 (Australia)

ASN15169 (GOOGLE, US)
japfg-trending-content.appspot.com
1    2606:2800:247:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
2    54.82.174.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-174-208.compute-1.amazonaws.com
static.cnhionline.com
1    2600:9000:20c4:1400:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
10    2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2600:1901:0:636d::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
bandborder.com
2    2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    13.249.170.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-170-54.nrt12.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:24db:1a00:1e:7118:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
geo.adspsp.com
8    44.241.196.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-196-6.us-west-2.compute.amazonaws.com
adspsp.com
9    2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2620:116:800e:21:46d:7e81:55ff:4c12 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2600:9000:2142:c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)
ampcid.google.com
4    13.35.40.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-40-29.nrt20.r.cloudfront.net
cdn.segment.com
1    2404:6800:4004:823::200e (Australia)

ASN15169 (GOOGLE, US)
ampcid.google.co.jp
6    2404:6800:4004:823::2001 (Australia)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    130.211.10.17 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.10.211.130.bc.googleusercontent.com
www.justapinch.com
4    2404:6800:4008:c13::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
18    142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
20    2a02:b48:9001::1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn-p.cityspark.com
cdn59755463.blazingcdn.net
11    2404:6800:4004:80f::200e (Australia)

ASN15169 (GOOGLE, US)
analytics.google.com
www.youtube.com
2    2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
1    143.204.126.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-66.nrt20.r.cloudfront.net
p.flipp.com
1    35.160.151.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-151-220.us-west-2.compute.amazonaws.com
api.segment.io
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    143.204.86.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-87.nrt12.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2600:9000:2066:d800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:1f18:44f0:4846:1f:94ea:f868:81bf (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
2    18.65.201.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-201-30.nrt57.r.cloudfront.net
aax.amazon-adsystem.com
1    2620:116:800e:21:6c50:dbee:bef5:203d (United States)

ASN16509 (AMAZON-02, US)
pixel.quantcount.com
13    13.228.117.82 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
btlr.sharethrough.com
31    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
29    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
cnhi-d.openx.net
u.openx.net
jp-u.openx.net
us-u.openx.net
justapinch-com-d.openx.net
13    103.43.90.179 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2600:9000:2163:3600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    107.22.83.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-83-82.compute-1.amazonaws.com
ping.chartbeat.net
3    2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2404:6800:4004:824::2006 (Australia)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2404:6800:4004:818::200a (Australia)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
5    2404:6800:4004:820::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4004:826::2016 (Australia)

ASN15169 (GOOGLE, US)
i.ytimg.com
36    2600:9000:221e:e000:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
rtb.primis.tech
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
16    2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
tpc.googlesyndication.com
1    34.117.126.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.126.117.34.bc.googleusercontent.com
bids.concert.io
20    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2404:6800:4004:81c::2001 (Australia)

ASN15169 (GOOGLE, US)
d631796cb912d060e1c81f291b4f78a0.safeframe.googlesyndication.com
2    2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com
www.americanhometownmedia.com
2    18.213.227.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-227-39.compute-1.amazonaws.com
notifications.viafoura.co
i.viafoura.co
7    2404:6800:4004:80a::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    2600:9000:21b7:de00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
14    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    54.169.98.134 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-98-134.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
2    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
4    52.69.213.237 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-213-237.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
5    18.138.179.14 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-179-14.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
4    23.39.216.189 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-216-189.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.40.149.60 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-149-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
1    216.22.16.53 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
6    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    207.65.34.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    52.203.228.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-228-108.compute-1.amazonaws.com
i.liadm.com
1    2001:df2:a300:bbbb::136 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    2600:1f18:ed:550f:27fd:18e1:959d:33af (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
4    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    211.120.53.200 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    50.31.142.255 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    35.75.90.59 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-90-59.ap-northeast-1.compute.amazonaws.com
api.primecaster.net
22    207.65.34.80 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
3    99.84.133.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-60.nrt57.r.cloudfront.net
cr-p10.ladsp.com
cr-p3.ladsp.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
4    52.77.13.91 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-13-91.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
id.crwdcntrl.net
1    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
29    34.142.175.23 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com
um.simpli.fi
1    18.172.52.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-20.nrt20.r.cloudfront.net
api.intentiq.com
22    18.65.185.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-71.nrt57.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
6    2406:da18:929:5a01:4f7c:de84:79b9:a7e6 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
6    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    35.214.181.122 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 122.181.214.35.bc.googleusercontent.com
csync.loopme.me
3    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
13    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2600:1f18:612b:4216:bba5:fc0b:66fa:bb51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mb9eo.publishers.tremorhub.com
simplifi.partners.tremorhub.com
1    23.219.68.21 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-68-21.deploy.static.akamaitechnologies.com
cs.media.net
5    209.191.163.152 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    139.99.123.105 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ads11-sgp.stickyadstv.com
ads.stickyadstv.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
1    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
8    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    104.129.130.39 (Dallas, United States)

ASN396949 (CLOUDWEBMANAGE-TX, US)
video.primis.tech
1    207.65.34.77 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    18.142.92.8 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-92-8.ap-southeast-1.compute.amazonaws.com
i.w55c.net
pm.w55c.net
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.111.147.92 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.147.111.34.bc.googleusercontent.com
sync-axelmark-dsp.focas.jp
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
2    13.114.76.12 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-76-12.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
3    54.174.90.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-90-242.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    3.114.3.225 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-3-225.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
12    209.191.163.210 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    54.146.218.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-218-6.compute-1.amazonaws.com
sync.ipredictive.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    35.75.206.175 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-206-175.ap-northeast-1.compute.amazonaws.com
dpm.demdex.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    2406:da18:22e:4f04:5db4:f8ff:1a3b:fd55 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
d.adroll.com
4    207.65.34.74 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
1    38.133.127.63 (Sacramento, United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
1    35.79.245.176 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-245-176.ap-northeast-1.compute.amazonaws.com
aa.agkn.com
1    2600:9000:208e:5400:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
3    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
pbid.pro-market.net
2    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loadm.exelator.com
1    52.23.7.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-7-200.compute-1.amazonaws.com
sync.bfmio.com
1    59.151.139.239 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a59-151-139-239.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    142.250.198.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f2.1e100.net
www.googleadservices.com
2    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
2    18.178.207.225 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-207-225.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    172.104.105.5 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1715-5.members.linode.com
gocm.c.appier.net
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    2a02:fa8:c411:13::1370 (Amsterdam, Netherlands)

ASN399104 (CNVR-APAC, US)
pubmatic-match.dotomi.com
openx2-match.dotomi.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    72.34.250.78 (Hemet, United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    35.213.64.108 (None, )

ASN- ()
e-jp.cmcd1.com
2    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
1    51.68.39.188 (None, )

ASN- ()
dsp.nrich.ai
1    8.18.47.7 (None, )

ASN- ()
apsoutheast-match.deepintent.com
2    52.198.23.127 (None, )

ASN- ()
pool.admedo.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    2404:6800:4004:808::2006 (None, )

ASN- ()
s0.2mdn.net
1    103.243.202.190 (None, )

ASN- ()
cm-exchange.toast.com
2    23.106.127.57 (None, )

ASN- ()
sync.smartadserver.com
1    34.160.19.107 (None, )

ASN- ()
dmp.brand-display.com
Apex Domain
Subdomains		 Transfer
52 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 35962
470 KB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
static.doubleclick.net — Cisco Umbrella Rank: 371
226 KB
39 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2303
video.primis.tech — Cisco Umbrella Rank: 7837
rtb.primis.tech — Cisco Umbrella Rank: 7674
803 KB
35 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
image2.pubmatic.com — Cisco Umbrella Rank: 1555
image8.pubmatic.com — Cisco Umbrella Rank: 1098
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
image4.pubmatic.com — Cisco Umbrella Rank: 2201
43 KB
31 openx.net
cnhi-d.openx.net — Cisco Umbrella Rank: 355178
u.openx.net — Cisco Umbrella Rank: 1108
jp-u.openx.net — Cisco Umbrella Rank: 10572
rtb.openx.net — Cisco Umbrella Rank: 1007
us-u.openx.net — Cisco Umbrella Rank: 930
justapinch-com-d.openx.net — Cisco Umbrella Rank: 104748
6 KB
31 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
dsum.casalemedia.com — Cisco Umbrella Rank: 2867
23 KB
31 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 7462
um.simpli.fi — Cisco Umbrella Rank: 1428
i.simpli.fi — Cisco Umbrella Rank: 6388
14 KB
29 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
163 KB
23 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 2042
sync.intentiq.com — Cisco Umbrella Rank: 1479
sync1.intentiq.com — Cisco Umbrella Rank: 2959
19 KB
22 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 951
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
27 KB
22 googlesyndication.com
d631796cb912d060e1c81f291b4f78a0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
787 KB
18 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1894
match.sharethrough.com — Cisco Umbrella Rank: 797
11 KB
17 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
ce.lijit.com — Cisco Umbrella Rank: 1432
18 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
acdn.adnxs.com — Cisco Umbrella Rank: 957
secure.adnxs.com — Cisco Umbrella Rank: 793
46 KB
15 blazingcdn.net
cdn59755463.blazingcdn.net — Cisco Umbrella Rank: 50605
1 MB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418
6 KB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
7 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
1 MB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
765 KB
10 adspsp.com
prod.adspsp.com — Cisco Umbrella Rank: 26857
geo.adspsp.com — Cisco Umbrella Rank: 220560
adspsp.com — Cisco Umbrella Rank: 21506
90 KB
10 normantranscript.com
normantranscript.com
www.normantranscript.com
127 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
4 KB
9 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
pixel.quantserve.com — Cisco Umbrella Rank: 1736
cms.quantserve.com — Cisco Umbrella Rank: 1348
12 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
454 KB
7 google.com
ampcid.google.com — Cisco Umbrella Rank: 3299
analytics.google.com — Cisco Umbrella Rank: 266
www.google.com — Cisco Umbrella Rank: 6
21 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
135 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
cdn.indexww.com — Cisco Umbrella Rank: 2632
5 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 878
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
dis.criteo.com — Cisco Umbrella Rank: 943
8 KB
6 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 129
49 KB
6 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 62666
cdn-p.cityspark.com — Cisco Umbrella Rank: 45266
34 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
jnn-pa.googleapis.com — Cisco Umbrella Rank: 306
43 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
2 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1664
c1.adform.net — Cisco Umbrella Rank: 1001
3 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
1 KB
5 turn.com
d.turn.com — Cisco Umbrella Rank: 2160
ad.turn.com — Cisco Umbrella Rank: 1449
2 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
i6.liadm.com — Cisco Umbrella Rank: 4366
3 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5770
openx2-match.dotomi.com
1 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
1020 B
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
id.crwdcntrl.net — Cisco Umbrella Rank: 4038
2 KB
4 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 13277
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2541
sync.smartadserver.com
1 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
2 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
api.rlcdn.com Failed
911 B
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2979
37 KB
4 bandborder.com
bandborder.com — Cisco Umbrella Rank: 308569
30 KB
4 newsmemory.com
normantranscript-cnhi-pw.newsmemory.com
187 KB
3 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 6228
ipac.ctnsnet.com — Cisco Umbrella Rank: 7580
1 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 3732
pbid.pro-market.net — Cisco Umbrella Rank: 16052
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 809
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
3 KB
3 w55c.net
i.w55c.net — Cisco Umbrella Rank: 2282
pm.w55c.net — Cisco Umbrella Rank: 1620
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
1 KB
3 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 9214
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10133
1004 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
1 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
747 B
3 ladsp.com
cr-p10.ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 16443
2 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
3 KB
3 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 16578
notifications.viafoura.co — Cisco Umbrella Rank: 20897
i.viafoura.co — Cisco Umbrella Rank: 18554
4 KB
3 google.co.jp
ampcid.google.co.jp — Cisco Umbrella Rank: 831592
www.google.co.jp — Cisco Umbrella Rank: 17094
936 B
2 admedo.com
pool.admedo.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
374 B
2 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 20494
854 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
1 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
2 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3106
3 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 973
d.agkn.com — Cisco Umbrella Rank: 1340
1 KB
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2450
361 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1732
522 B
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 13335
75 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
1 KB
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 8048
486 B
2 primecaster.net
api.primecaster.net — Cisco Umbrella Rank: 275307
665 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
1014 B
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1925
480 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 995
652 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
963 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
61 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2295
111 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
pixel.quantcount.com — Cisco Umbrella Rank: 4638
800 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1480
880 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
88 KB
2 cnhionline.com
static.cnhionline.com — Cisco Umbrella Rank: 301283
63 KB
2 appspot.com
japfg-trending-content.appspot.com — Cisco Umbrella Rank: 118694
3 KB
1 brand-display.com
dmp.brand-display.com
339 B
1 toast.com
cm-exchange.toast.com
431 B
1 2mdn.net
s0.2mdn.net
490 B
1 contextweb.com
bh.contextweb.com
832 B
1 deepintent.com
apsoutheast-match.deepintent.com
44 B
1 nrich.ai
dsp.nrich.ai
579 B
1 cmcd1.com
e-jp.cmcd1.com
82 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 4534
1 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
284 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
793 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
738 B
1 opera.com
t.adx.opera.com
552 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 4327
435 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2147
680 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
546 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1624
444 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 3080
421 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1287
287 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2957
424 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
493 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
514 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 26998
541 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 21649
548 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2809
173 B
1 focas.jp
sync-axelmark-dsp.focas.jp — Cisco Umbrella Rank: 18146
473 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1665
586 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1972
901 B
1 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
220 B
1 americanhometownmedia.com
www.americanhometownmedia.com — Cisco Umbrella Rank: 137397
103 KB
1 concert.io
bids.concert.io — Cisco Umbrella Rank: 13200
472 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 193
5 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 104
19 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1643
201 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 988
482 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
83 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1619
180 B
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 17852
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 7397
405 B
1 justapinch.com
www.justapinch.com — Cisco Umbrella Rank: 120000
22 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2311
15 KB
1 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 16289
15 KB
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 17109
34 KB
0 ck-ie.com Failed
us.ck-ie.com Failed
0 mrpdata.net Failed
j.mrpdata.net Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 rundsp.com Failed
match.rundsp.com Failed
0 nex8.net Failed
cs.nex8.net Failed
537 131
Domain Requested by
52 bloximages.chicago2.vip.townnews.com www.normantranscript.com
35 live.primis.tech 19 redirects www.normantranscript.com
live.primis.tech
29 um.simpli.fi 22 redirects ads.pubmatic.com
21 sync.intentiq.com 1 redirects live.primis.tech
www.normantranscript.com
s.amazon-adsystem.com
ads.pubmatic.com
20 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
20 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ads.pubmatic.com
match.sharethrough.com
jp-u.openx.net
19 securepubads.g.doubleclick.net www.normantranscript.com
securepubads.g.doubleclick.net
www.googletagservices.com
18 cm.g.doubleclick.net 15 redirects jp-u.openx.net
s.amazon-adsystem.com
16 simage2.pubmatic.com ads.pubmatic.com
match.sharethrough.com
15 us-u.openx.net jp-u.openx.net
ce.lijit.com
us-u.openx.net
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
15 cdn59755463.blazingcdn.net www.normantranscript.com
14 x.bidswitch.net 14 redirects
13 pixel.rubiconproject.com 8 redirects s.amazon-adsystem.com
13 btlr.sharethrough.com prod.adspsp.com
12 ce.lijit.com s.amazon-adsystem.com
www.americanhometownmedia.com
ce.lijit.com
ads.pubmatic.com
us-u.openx.net
12 ib.adnxs.com 4 redirects prod.adspsp.com
acdn.adnxs.com
s.amazon-adsystem.com
10 www.youtube.com www.normantranscript.com
bloximages.chicago2.vip.townnews.com
www.youtube.com
10 www.googletagmanager.com www.normantranscript.com
www.googletagmanager.com
9 match.adsrvr.org 8 redirects live.primis.tech
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.normantranscript.com
8 adspsp.com www.normantranscript.com
8 www.normantranscript.com www.normantranscript.com
7 jp-u.openx.net prod.adspsp.com
jp-u.openx.net
www.americanhometownmedia.com
us-u.openx.net
7 ups.analytics.yahoo.com 6 redirects jp-u.openx.net
7 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
7 www.googletagservices.com securepubads.g.doubleclick.net
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 pr-bh.ybp.yahoo.com 1 redirects jp-u.openx.net
ssum-sec.casalemedia.com
6 image2.pubmatic.com ads.pubmatic.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 lh3.googleusercontent.com www.normantranscript.com
5 sync.1rx.io 5 redirects
5 ap.lijit.com 4 redirects www.americanhometownmedia.com
5 pixel.tapad.com 2 redirects ads.pubmatic.com
s.amazon-adsystem.com
5 match.sharethrough.com 1 redirects s.amazon-adsystem.com
match.sharethrough.com
5 www.google.com 1 redirects www.youtube.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 cdn-p.cityspark.com cdn.cityspark.com
cdn-p.cityspark.com
5 c.amazon-adsystem.com prod.adspsp.com
c.amazon-adsystem.com
live.primis.tech
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 c1.adform.net 4 redirects
4 cms.quantserve.com 4 redirects
4 ad.turn.com 4 redirects
4 i.liadm.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 u.openx.net 1 redirects s.amazon-adsystem.com
jp-u.openx.net
us-u.openx.net
4 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
live.primis.tech
ce.lijit.com
4 match.prod.bidr.io 2 redirects ssum-sec.casalemedia.com
s.amazon-adsystem.com
4 jnn-pa.googleapis.com www.youtube.com
4 pixel.quantserve.com cdn.cityspark.com
cdn.jsdelivr.net
www.normantranscript.com
4 idsync.rlcdn.com 3 redirects www.normantranscript.com
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 cdn.segment.com www.normantranscript.com
cdn.segment.com
4 bandborder.com www.normantranscript.com
bandborder.com
4 normantranscript-cnhi-pw.newsmemory.com www.normantranscript.com
normantranscript-cnhi-pw.newsmemory.com
3 simage4.pubmatic.com ads.pubmatic.com
3 creativecdn.com 3 redirects
3 cdn.indexww.com ssum-sec.casalemedia.com
3 sync.srv.stackadapt.com 3 redirects
3 video.primis.tech www.normantranscript.com
live.primis.tech
3 sync.targeting.unrulymedia.com 1 redirects jp-u.openx.net
3 eb2.3lift.com 2 redirects
3 csync.loopme.me 3 redirects
3 js-sec.indexww.com prod.adspsp.com
live.primis.tech
3 tg.socdm.com 3 redirects
3 googleads.g.doubleclick.net 2 redirects www.youtube.com
3 htlb.casalemedia.com prod.adspsp.com
live.primis.tech
2 sync.smartadserver.com 1 redirects us-u.openx.net
2 pool.admedo.com 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com jp-u.openx.net
ce.lijit.com
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 ds.uncn.jp 2 redirects
2 id5-sync.com live.primis.tech
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 d.adroll.com ssum-sec.casalemedia.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 dps.jp.cinarra.com jp-u.openx.net
ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 ads.stickyadstv.com 1 redirects ssum-sec.casalemedia.com
2 mb9eo.publishers.tremorhub.com 2 redirects
2 acdn.adnxs.com prod.adspsp.com
2 sync-dsp.ad-m.asia jp-u.openx.net
ads.pubmatic.com
2 rtb.openx.net 1 redirects jp-u.openx.net
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 cr-p10.ladsp.com 2 redirects
2 api.primecaster.net 2 redirects
2 b1sync.zemanta.com 2 redirects
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 trace.mediago.io 2 redirects
2 ad.360yield.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 static.criteo.net prod.adspsp.com
static.criteo.net
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 cdn.confiant-integrations.net www.googletagmanager.com
cdn.confiant-integrations.net
2 cnhi-d.openx.net prod.adspsp.com
2 bidder.criteo.com prod.adspsp.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 www.google.co.jp www.normantranscript.com
2 pippio.com 2 redirects
2 connect.facebook.net www.normantranscript.com
connect.facebook.net
2 static.cnhionline.com www.normantranscript.com
2 japfg-trending-content.appspot.com www.normantranscript.com
2 fonts.googleapis.com www.normantranscript.com
live.primis.tech
2 normantranscript.com 1 redirects www.normantranscript.com
1 dmp.brand-display.com 1 redirects
1 cm-exchange.toast.com 1 redirects
1 s0.2mdn.net ce.lijit.com
1 bh.contextweb.com 1 redirects
1 apsoutheast-match.deepintent.com jp-u.openx.net
1 dsp.nrich.ai 1 redirects
1 e-jp.cmcd1.com jp-u.openx.net
1 justapinch-com-d.openx.net www.americanhometownmedia.com
1 apex.go.sonobi.com www.americanhometownmedia.com
1 lb.eu-1-id5-sync.com live.primis.tech
1 p.rfihub.com 1 redirects
1 sync.mathtag.com 1 redirects
1 t.adx.opera.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 image4.pubmatic.com
1 sync.adotmob.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 id.crwdcntrl.net live.primis.tech
1 www.googleadservices.com 1 redirects
1 bcp.crwdcntrl.net
1 stags.bluekai.com
1 sync.bfmio.com
1 pbid.pro-market.net
1 cms.analytics.yahoo.com 1 redirects
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 sync.outbrain.com
1 mug.criteo.com
1 i.simpli.fi tag.simpli.fi
1 s.company-target.com 1 redirects
1 rtb.primis.tech live.primis.tech
1 sync.ipredictive.com 1 redirects
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 dynalyst-sync.adtdp.com 1 redirects
1 secure.adnxs.com 1 redirects
1 bk.r-ad.ne.jp 1 redirects
1 tr.blismedia.com jp-u.openx.net
1 sync-axelmark-dsp.focas.jp 1 redirects
1 i.w55c.net 1 redirects
1 image8.pubmatic.com 1 redirects
1 cm.adform.net 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 cs.media.net 1 redirects
1 cr-p3.ladsp.com 1 redirects
1 sync1.intentiq.com www.normantranscript.com
1 api.intentiq.com live.primis.tech
1 uipglob.semasio.net ads.pubmatic.com
1 i6.liadm.com ssum-sec.casalemedia.com
1 d.turn.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 i.viafoura.co www.normantranscript.com
1 notifications.viafoura.co cdn.viafoura.net
1 www.americanhometownmedia.com www.normantranscript.com
1 d631796cb912d060e1c81f291b4f78a0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 bids.concert.io prod.adspsp.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 ping.chartbeat.net www.normantranscript.com
1 static.adsafeprotected.com www.normantranscript.com
1 pixel.quantcount.com secure.quantserve.com
1 api.viafoura.co cdn.viafoura.net
1 rules.quantcount.com secure.quantserve.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.jsdelivr.net cdn.cityspark.com
1 api.segment.io cdn.segment.com
1 p.flipp.com cdn-gateflipp.flippback.com
1 analytics.google.com www.googletagmanager.com
1 tags.rd.linksynergy.com 1 redirects
1 www.justapinch.com www.normantranscript.com
1 ampcid.google.co.jp www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 static.chartbeat.com www.normantranscript.com
1 secure.quantserve.com www.normantranscript.com
1 geo.adspsp.com prod.adspsp.com
1 cdn.viafoura.net www.normantranscript.com
1 cdn.cityspark.com www.normantranscript.com
1 prod.adspsp.com www.normantranscript.com
1 tag.simpli.fi www.normantranscript.com
1 cdn-gateflipp.flippback.com www.normantranscript.com
0 us.ck-ie.com Failed ce.lijit.com
0 j.mrpdata.net Failed jp-u.openx.net
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
us-u.openx.net
0 api.rlcdn.com Failed live.primis.tech
0 match.rundsp.com Failed jp-u.openx.net
0 cs.nex8.net Failed jp-u.openx.net
537 204
Subject Issuer Validity Valid
normantranscript.com
GTS CA 1P5		 2023-12-10 -
2024-03-09		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
flippback.com
Amazon RSA 2048 M01		 2023-09-18 -
2024-10-16		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
prod.adspsp.com
Amazon RSA 2048 M03		 2023-11-18 -
2024-12-16		 a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-02 -
2024-04-01		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-24 -
2024-08-23		 a year crt.sh
static.cnhionline.com
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
bandborder.com
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-18 -
2024-01-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
geo.adspsp.com
Amazon RSA 2048 M03		 2023-11-21 -
2024-12-19		 a year crt.sh
adspsp.com
Amazon RSA 2048 M03		 2023-11-17 -
2024-12-15		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.google.co.jp
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2		 2023-04-18 -
2024-05-19		 a year crt.sh
cdn-p.cityspark.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
flipp.com
Amazon RSA 2048 M01		 2023-07-31 -
2024-08-28		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.blazingcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-07-05 -
2024-08-04		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-09-23 -
2024-10-20		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2023-09-24 -
2024-10-22		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
bids.concert.io
GTS CA 1D4		 2023-12-22 -
2024-03-21		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-05-14 -
2024-06-14		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2023-07-27 -
2024-06-18		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
match.prod.bidr.io
Amazon RSA 2048 M01		 2023-07-19 -
2024-08-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2023-10-09 -
2024-11-07		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03		 2023-10-08 -
2024-11-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
e-jp.cmcd1.com
GTS CA 1D4		 2024-01-03 -
2024-04-02		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh

This page contains 66 frames:

Primary Page: https://www.normantranscript.com/
Frame ID: 68468B206D2829E82045F0106E53A5C4
Requests: 226 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Frame ID: CC4CF5EFBA221DC9518838F5008FC002
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Frame ID: 188B08E7735FA4CCA91DC8AB9F79218E
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&dcc=t
Frame ID: 9217AC78143405BB1B37B75124D6B4CD
Requests: 1 HTTP requests in this frame

Frame: https://d631796cb912d060e1c81f291b4f78a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 18CAF9957916D38D2A30ACE9D1CFE5E8
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1704785127&pubUrlAuto=https%3A%2F%2Fwww.normantranscript.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: BFCA860E495C2633F4B1EB95CA4253C4
Requests: 40 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ_jQPAPEPeaKKnoquz-dmUyKsuxaYw51pSuorH5wwzHnyIGX7X-tsIoUWmkLKGPkR95FwARjU6A0T-4ZZGri2Xb9Zbjp4tR71ZqK5hQyRVVfDfAcNPpVSeFs3gMtOVwhzFbGpPNkO4l_0F99xUuSqtG8WjhTZRWL33mLKwh6ZmyYDA8ujVLWkB_v4UBx7DkMZqAnAHVcMELzRmj9iY2_xzppfXUaCmwfy5v5FeAuiI8YDIcGu7miHjT1mZ8O8J8Ujoja2w0AfXRX7wKj1oNzS0f4TAA7HLlf7UYN7g-01MZBIYppc7I7iVW199lqhR-SWevXzypjSzFpwEq3aBQIPn5NjQZxjcyImjXyFoILCpXhaguW3atX-GFglbmbXdtivX3e5VwHZ-f02_pL3rfpvi2SILTZGpE7W&sai=AMfl-YQBe7981mEDgM49mgFZrwllisjwIfQg7sQP7O3xm4afI7aradBFn-E9T1KGhupU9C8AHidihnoLuA5Ygcef_3JQXB79G6fAMP3hIaOTUZbLYLGP7lyEFdeUhiDVhTbRrSEoOJcHWzzF0RJRJe_EHtPI&sig=Cg0ArKJSzFhMuBzzApGQEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: CD8B06A086427E61EE8A7D1624205CCA
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMJLkZZSkuiAkNvIAnxDbjzdKzNuhTxcQ23BjI8m4vaQDyXA-GVGF35q919vYzgbJoecMID86yS1In942SF4-rfWsfj1avSR7VwaU4_mrD3uTUsV2eXBGkU5Qg_qf6As-H3YQ6_E5AWjcVbCDGhnMWxIHTjgA5W-ADrjV6nUlFISLqdt5JPRycdo8XqTkzTgq0hMZ9hfiJKyMh0mhMuajPHWy5mjSzR6OKAxJCKYrXlBGY8QZJR6o44egu0mTXbdHH-ws9lLgK8lkkOr0tWjPwxQucRdLmLngr0OzC7oZPs5DI5k1KEp-ezoGzIzcV8w2FQlnT22BzC6-AmXyXFCo6SFvlMNK0vaN7r0b21xdqKT-7UzoqAesikrzEOOJeqzB0JCry_AoeYwYF3ikPv0CA5F9IQrEQ-5DzjsG86MROiLdNB_etR3w&sai=AMfl-YTkb3NnbOHqrCnSHThjw58-uTjBKi4q4OkDmYlJ_7uJPmrMDsOYn2GNZlbaXGQog4dZ9MLOfOpGBnqxsL4d1g6dhDhFjWkl0gLVw91k1cSRTVf4JuTF1vCCCJy9zgbpkqxNKNeYzzMwakM2PkSPxueU&sig=Cg0ArKJSzLb7WMCzZIUXEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 8E787CF18C0871E95D2BAE87DC85476E
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNSB04NilxqliKLd7GZ8LqExocHIYGWmxBG59682Z4RBUfIyCvO5ewgmATVHmxh8kXAbcx3WIiyRkz7nYFPgT4SGyIpyVFyugBb5zHrf8ppj9U8npf7fX5j1UDg1GQ9Bjj6WUetE3az48H37Qudm91J87lfOvy6LtOcqyITtiac0ZGLUCI1M3jtwcO0OoCohlT4Z00eIige_jFJUmf_uyYRPeO1dzn1QVGxCJ5QO18a9R_Xy_u39qcm06oUi-0CGewcCjVreee-d5Lqide-3uE0aOFd6uG7VZj1ew3aHIt-2hIVBKGK_qduepTuSkyxyy3jS-y6s_7zVpJ2JbxGNojmBCoNVGLmfs_t2WwQk-wSdoAWXllDhysYDzQUP7p5EqiZ4D6h4OiOEBYm82gLCG82F_rY0MbaFW0gsPE5EknqNlmMr9uxfw&sai=AMfl-YQV3nN-uDN7Qgq8nQLI5v-qLXhr0uilcCgHYPaAOD-ybrEsmc4s3BNjWwqLwmzQnqSMGEjlZX7v01CNHiE2-QlamJ1J_4ZCOmX9GHxyXBgzbyV00U0ifjbTNrqq4TiRvF_OKR2OK3_jNgxJQCufUDrZ&sig=Cg0ArKJSzGMVf2ui-xDDEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7BBDBECA9027DAC4F6867DCB50F9AF91
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 83AD4177525C1D5302AD0AC66755A605
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 82B628459436F95EA8A04A98D43F33F3
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 261B95D7DB5168D9B94E70807BFD2E05
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: C2FCC577D14F22D0B51148F6C9F17792
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 4C08542E978B1336EF984E53DEEF8D84
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LM0ZEV0xkRTJ1SXguS3ZOWUZGVmtpVWo3Z0xSOG5oYX5B
Frame ID: 40761FA124237847AE239BFFD459F018
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 3F4DF6D3939E5B4746ECEDD100D4F8F4
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4995439349706841471&gdpr=0&gdpr_consent=
Frame ID: CA741E4988F07E40E473C211DC185DDC
Requests: 1 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Frame ID: 04AA4CD5E73C7AD34236BD2FE3AF080A
Requests: 11 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 268BF59CAC62E36B889263643DEE0781
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdQlnH0ALp6Bks8AED41yYvhzs8AAAGM7RyrOw
Frame ID: 47E35E0C36960BEE575A6AD1E4621182
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3008DB03-8A32-4240-AC05-4F59925776EB
Frame ID: 64976B144DC87809B9F721EAC92658E3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 95D33C5FDF336C5B8379AD413A7A7A31
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 56BDF85D30C01D226942706D289D591D
Requests: 3 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Frame ID: 8F26F3EF2D441DC533FF1585D27E73DC
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 716426816B7CF6DE719C03A0DFB07409
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkTWYNAHE6yPgzsQt5Sru_H4X6XHKrTalG-eL9VlWfwlYQ_ytfm0oWp6Nhti8ZD89dWYnjqMYGfEVoFIWML3Rt7xdMSfENFkH3iHjOhtbW2p7_N96SoxDhxRg0NEnbKrQFlxAIiDipzwxqD7qQdRrKNlQAMJhU_tOwEIO2R3y-ljXDRwyuROMqI6d14brwDTiAF1-1kHAymkcyKYCvDNOhIc3JZOsTq7prU9SN2dI8wppGbMjIcRE4pXcr5VJetLm49ijb5XFAowCU59ubxJYGLubFiTMfaYINV8xBj9BiR4yvzKeqaPEPYEgK6G3zerTcHsnYk4U7mtN_rSQABlUNlsusJtucXaYx5H7ePddIAE3VE3Hw7KmSk4RaESl2vgDOJk4ZGgWIo-v7hwUrW6oKN8ji-LnPMOOpyfqXxkG1mb4SjuVRL6U&sai=AMfl-YSYFH_TezcM0uHbuX3ZCcF7v-NWTt076Z_kzBCXaoa33aRsB_OHX_N7RBVVf_iFFZsOW8qPBu64gqFmMSQL4FwuCP29jb6F_e8wI3hLk7L8Kcgn9eNcflBXWxaYMmQ&sig=Cg0ArKJSzHnDpBODx6qGEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 35619E482A74CAAC2B04B022DCE88E81
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCf5U5tmJKDC_JZFZB8DJLWcyoCwOODtSmvcP6nHoVlJKYq8DARl3n4oDQPTxfkI7sIA8K1mj8uqwKMO3NaLunOFDOFdE2Dk1oH5wo53Gu3tQFkgPZ0epvDRdKuJ9vzgWSYOjQMvRVDPZhxWR98OD1joBrJ_069cMKHiKZ146cv5dL94L-ibd39LZyrWQBk6HetMIE0RzfHmh2fAivZA_w8ccRAEJIRXfKsiY2xeaxpV_oS04Nrx-mi3MGlN6IqSGttuPqoae0vjRcXQwrZtikRcjQYDij49eZtO1qy7DceuVyrIcIZVSLO_xbh21JFJE_3-tdav7_JyG3spaEP8vxV7R2bxCKZgd5pJVGHjwn5a2o5UQhWmLWPVqBIWX7KrZnda48wqWUI0nahhp3XyP7SZLYf4vInAeXTVbgO64Fem5nD_lJ_ho&sai=AMfl-YQZKK1-ogFgR1abLOWcNNTkznhtXQUnxApZqJvBrXu9yyVstg4z5MEKkZ56TL1ZyLruZ3GseA80iw14npy58pc4VYla8QWLaEE5WNW4NJvvVhLmu0RLXiV4HYM2NAM&sig=Cg0ArKJSzKHNU23jYr-GEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 20966179BD22347E30547C12056FEAEC
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Frame ID: BC61D96D87646D88943DAF1B41456804
Requests: 6 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=d1621fbd-88cb-0eff-0969-aa600e92ace1
Frame ID: 81C0023D826F238A196DB6D7CACF8ADC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CE37985EC11DF1ACA7032C6BDAC7D5BF
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6083C0EB1993D62D4FB294D3392E0821
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 88D226CD95B935A72528068E695A3448
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.normantranscript.com
Frame ID: F51185EE6103686D307251D4EA35281E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 04DCB6F99561F5A76BA5CEC4B64FF4FA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD28832902B02C2CE5D3EAB7482684A2
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 413BF3CDC40932E958CA58F4BC812B41
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: ACCE93042AAB68B396105C17669D00C9
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
Frame ID: AE9BFE19683C81B703358CB489E44F94
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 7AFE296E0B4F2946B09B93E7F35B6F3C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2338458340105893363&gdpr=0&gdpr_consent=
Frame ID: 38960FEFAD93451226DEF7EEE0EEC3A1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3008DB03-8A32-4240-AC05-4F59925776EB
Frame ID: 57678AC1EF65068053CC8571FB14163F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7J2Xa7ycyz73kM1uucmDMLjLmTH3kZg6vJFymkZN
Frame ID: 3C75ABAB144746C4E2744B70FCCB8351
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: DA77B213E6B31CD3E95A7C2C1AA8E420
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: EA5C81340F284BFECD7FD6CAA65B9A92
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: BF22CCD713B4C0FB1F77DB62E04694EA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=q3TkUSa7A3uAutpb6_ScZQ
Frame ID: A0854640FECE8CFF70F83DE816FC4256
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a18b0d87151d498cb87203148ed25e13
Frame ID: 751B5CE23D6B44EDFF0545BF4A584A89
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 34358FEF00E0D969F57B7DC01D38824F
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3008DB03-8A32-4240-AC05-4F59925776EB
Frame ID: 1A9BB8360B3F38A16B66D7AF827DC9D6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=myx19p-sU3h8tHODeScjhZJGydQ&gdpr=0&gdpr_consent=
Frame ID: 228F84526C28C4E19B342D070FFA8813
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 51802C39755E23DA2F0D09D78EB8DFA5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUcbf92ee49bb34665be9bcade7e2fbc4f
Frame ID: 9F5EC58B46CFB9B00DEBC3691D7338D9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:J6e8nzE01Rn6uk5&gdpr=0&gdpr_consent=
Frame ID: 641B2189E3A601F735B3E725308E28C0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0ae659c-f4ec-4100-9fca-8c01a6a50409&gdpr=0&gdpr_consent=
Frame ID: 4C65FFFBE723F4CA7553977C9395369D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:708312F921DC425A8575B9AF760C19C9&gdpr=0&gdpr_consent=
Frame ID: 9B59A8ABBF305B4A6B8B9991C4DDB57E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700051816047321
Frame ID: EA9B80A02688CEF9C3BE9D475F162DF2
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
Frame ID: A36543804F42A688A21B88FF85DF55AA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutCUzKIHLb-jwQgR_06PqpK4NdWyHAAeDgevvvkRuAvDDNn47KjkXWAsP58dshbLGUXi0M7RXn6QQL27BZwfYDVt0L83FQyDzn3dgSOsz8JpmUNHF0izN9EC2QYg-N4pb30eIMJISvT-4jeYFJP70z88h0aLeb51gumIr2UTKkrS463oAkZM1A2x_vDeoRr4iPa1wMcMvVKcckHvAHcVcWWmlDX3oJCqHCP0gUbhjRBLNfI-Msl3o3Tgzz2Wtz0x0rTxL9g-mXmlvEqBd48ZHahmO4rirweMi95sZIsNkoptmKchpiMnmexiayDGSkRp5hvaGTY3m8OU1wj3huZSf_WVhm2PtiVXGe9zr7bhfoW_hr1TtJ3VdXnRXRuWePzwG7BISljUdedXZeziF4bW-Gneg&sai=AMfl-YT_Iaj_3wPb-5q2rs0iB5K6MRkuI40fUBbWP_771YTdBfjdgiHxgjkgCPvx9E4TtepLWZh_a-2CpMstyCNzgIshpjUSDxxxUXu5k0EKPQGQpE3gCJwr9l33mdwRZ24&sig=Cg0ArKJSzCdZLp_vzz6HEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: DEF0AF42F6502BD05218E481810F3319
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-kBol9CAiHVeU2qIHIUkCJjnSHV0vl4P-x6R_QjKDzpLxil90zPlD8dJx3CQ9mmOYXE0aREWztizqeQ5VHhsp5WZAlkPTEeSf1J7RyV91ahgI8_4s8yCgrnkHGR-jXyGrr6y_xVhayVgV-u-zIBFC1wQ4PD_-olCgeN-9-Nj_SA9LIk0_OamGI--TseyfvFbS6XXa1ghSYzACgxd_eDLXjHJfjHOjsNa0Yzi6nyQBcKftx_m9Tg7BlzXQ7RGfXMO2XZAEpKGcls1AlthWA4AvkfVTFBPAOdhV6Bfx7NcGoXCQ7M-NvO2vzLKeMSNg9bEWQwzqLYHzhHxQj93wX8DSOAoJVgvn2vWI78AV9nI7Qv2DWkOMgfgj3G3KmAOQ5fZfn1hygnv2j9jTCjE_80bJ8Gk&sai=AMfl-YRhgpVQBmJ2BhXpn4ovTwa35edaFIP7VH-KcIi3Ecp2Qr1odFYzRqM3JYimvw2Mstq0FqAWM4pGEtjgdh358Ub_t0zdyWWxuBcvbKz44KtkWbxQizlInzqYBsnD6e8&sig=Cg0ArKJSzKcWQvBNR3e3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 3BEA6D55EE9B3C1EB2B8BBBF1D712890
Requests: 5 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
Frame ID: FCCCA88DD499DCEDF1B10F11AE9713F3
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Frame ID: 02D4D3FA9F874B7A512EB9BEB1F8BF15
Requests: 9 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Frame ID: E6499E5A6511CBF593BDF1DEAD01F51E
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: B993CA5B3206C2991CFB491681DF3AF4
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 7F0F9516807B0033BA7DEF127BDA2264
Requests: 8 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=3008DB03-8A32-4240-AC05-4F59925776EB
Frame ID: 0769D4DEC4811BF41DCE9ED42FE060C4
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=3008DB03-8A32-4240-AC05-4F59925776EB
Frame ID: ACA1141339062AE046F24529B1856F2B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

normantranscript.com | my paper, my townArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesLinkLinkLinkLinkLinkLinkLinkArticlesimagesVideosCommentedImage galleryImage galleryImage galleryLinkLinkLinkLinkLinkLinkLinkLinkLinkLinkLinkArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with images

Page URL History Show full URLs

  1. http://normantranscript.com/ HTTP 301
    https://www.normantranscript.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

537
Requests

75 %
HTTPS

32 %
IPv6

131
Domains

204
Subdomains

120
IPs

12
Countries

7708 kB
Transfer

18257 kB
Size

210
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://normantranscript.com/ HTTP 301
    https://www.normantranscript.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110
  • https://idsync.rlcdn.com/712559.gif?partner_uid=d213e357-e49b-477e-a56c-7df40e06b16d HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJGQyMTNlMzU3LWU0OWItNDc3ZS1hNTZjLTdkZjQwZTA2YjE2ZBAAGg0I5unzrAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0c1648657875c6306212d3ef449ee5e03516a293c5344ffed214c5d7feaea2c9791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwYzE2NDg2NTc4NzVjNjMwNjIxMmQzZWY0NDllZTVlMDM1MTZhMjkzYzUzNDRmZmVkMjE0YzVkN2ZlYWVhMmM5NzkxNDI2YjU0MTdkY2UyMRAAGgwI5unzrAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwYzE2NDg2NTc4NzVjNjMwNjIxMmQzZWY0NDllZTVlMDM1MTZhMjkzYzUzNDRmZmVkMjE0YzVkN2ZlYWVhMmM5NzkxNDI2YjU0MTdkY2UyMRAAGgwI5unzrAYSBAgCEABCAEoA&google_error=3 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=847d2774-5191-4ab3-991e-b90b9f0eb740
Request Chain 176
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 206
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&dcc=t
Request Chain 251
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=84b0cf7915
Request Chain 252
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4799ebae-c07a-47eb-9a10-229473514984
Request Chain 253
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=b79bfb06-55ed-49ef-994e-6362e287e295
Request Chain 254
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded22e48ffe542jgkeo00lr611rwy
Request Chain 255
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAJgvU7LOeoAABPGHEehAA&ex=beeswax.com
Request Chain 256
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 260
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LM0ZEV0xkRTJ1SXguS3ZOWUZGVmtpVWo3Z0xSOG5oYX5B
Request Chain 262
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4995439349706841471&gdpr=0&gdpr_consent=
Request Chain 266
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&expiration=1707377128&gdpr=0&gdpr_consent=
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIrBo2u6saXq3nKYcJQdTis&google_cver=1
Request Chain 269
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZz06Og13FvJmt7L2nqK1gAA%265445&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZz06Og13FvJmt7L2nqK1gAA%265445&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=cbe2a8d0085d4799b74f8e1060b9f021 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7001959693255496791 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5e1cdb2f-412b-4a5e-93a4-04564d7f3206 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5e1cdb2f-412b-4a5e-93a4-04564d7f3206
Request Chain 270
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4119655931738379351
Request Chain 271
  • https://tg.socdm.com/aux/idsync?proto=index_exchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=ZZz06MCo5tIAAFmFULYAAAAA
Request Chain 272
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=smnb4j-Heqi0BKVqBVnq
Request Chain 273
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=uNnJ0OjYlYWj1JPV7Y3di-yPx4qj1caB6NUGtpnv
Request Chain 276
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://api.primecaster.net/adlogue/api/sync/bidswitch?ssp_id=pubmatic HTTP 302
  • https://api.primecaster.net/adlogue/api/sync/bidswitch?ssp_id=pubmatic&uid-set=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=191&user_id=mK7TAkolLQ1&expires=90&ssp=pubmatic&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 277
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdQlnH0ALp6Bks8AED41yYvhzs8AAAGM7RyrOw
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MAjbA4oyQkCsBU9Zkld26w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 280
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3008DB03-8A32-4240-AC05-4F59925776EB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=3008DB03-8A32-4240-AC05-4F59925776EB HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=25340944-7749-4ec2-8326-ce538a3d1a70%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&ttd_puid=25340944-7749-4ec2-8326-ce538a3d1a70%2C%2C
Request Chain 281
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent=&ct=y
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzAwOERCMDMtOEEzMi00MjQwLUFDMDUtNEY1OTkyNTc3NkVC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEZky93RF7iQw6zOci4TOco&google_cver=1
Request Chain 286
  • https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZZz06MCo5tAAAMtw5E4AAAAA
Request Chain 290
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=176745&iiqidtype=2&iiqpcid=ffe1e76b-5a3c-488d-be1b-2bf341942233&iiqpciddate=1704785128268&tsrnd=110_1704785128270&vrref=https%3A%2F%2Fwww.normantranscript.com%2F&jsver=5.09 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=176745&iiqidtype=2&iiqpcid=ffe1e76b-5a3c-488d-be1b-2bf341942233&iiqpciddate=1704785128268&tsrnd=110_1704785128270&vrref=https%3A%2F%2Fwww.normantranscript.com%2F&jsver=5.09&ckls=true&ci=xDGfdaijDn&nc=false&trid=2031145816
Request Chain 293
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-ZFzMW0LjyKreHD0McPVTg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 295
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7001959693255496791&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 296
  • https://match.adsrvr.org/track/cmf/openx?oxid=26c7f90d-c48d-360c-4d0c-3c43e2daeff4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&ttd_puid=26c7f90d-c48d-360c-4d0c-3c43e2daeff4&gdpr=0&gdpr_consent=
Request Chain 297
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZz06MCo5tAAAMtw5GQAAAAA
Request Chain 298
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdQlnH0ALp6Bks8AED41yYvhzs8AAAGM7RyrhQ
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnvdu0Wkl74TKeZNA_vwRE&google_cver=1
Request Chain 303
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 319
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=d1621fbd-88cb-0eff-0969-aa600e92ace1 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=d1621fbd-88cb-0eff-0969-aa600e92ace1
Request Chain 323
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=4799ebae-c07a-47eb-9a10-229473514984&google_hm=NDc5OWViYWUtYzA3YS00N2ViLTlhMTAtMjI5NDczNTE0OTg0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEuPZXSndMkue6lRDnhvq0g&google_cver=1&ssp=sekindo&bsw_param=4799ebae-c07a-47eb-9a10-229473514984 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=4799ebae-c07a-47eb-9a10-229473514984 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=4799ebae-c07a-47eb-9a10-229473514984
Request Chain 324
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=7cc5b1f4-e9b9-40a7-80e0-1002c3307362&gdpr_consent=null&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=7cc5b1f4-e9b9-40a7-80e0-1002c3307362
Request Chain 325
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZZz06Og13FvJmt7L2nqK1gAA%265445 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZZz06Og13FvJmt7L2nqK1gAA%265445
Request Chain 326
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=3985768900622816671989 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3985768900622816671989
Request Chain 327
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR611SKG-F-I6SV&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR611SKG-F-I6SV
Request Chain 328
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-iYxNIulE2uL8pnDkDB8oorjfO_NmFtD5~A HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-iYxNIulE2uL8pnDkDB8oorjfO_NmFtD5~A
Request Chain 329
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=1dff9ae3716e42868936ec61c6e83d66 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=1dff9ae3716e42868936ec61c6e83d66
Request Chain 330
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=659cf4e72c63f&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3477867281272444000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3477867281272444000V10
Request Chain 331
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=H9hdBLZHYS3hASfSTXOna_W_ HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9hdBLZHYS3hASfSTXOna_W_
Request Chain 332
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=adb911b6f5223de0bf4b614593e5f4&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=adb911b6f5223de0bf4b614593e5f4
Request Chain 333
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=d49758ed-d19a-4b2e-a25a-ce6b218d9546 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=d49758ed-d19a-4b2e-a25a-ce6b218d9546
Request Chain 334
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=4995439349706841471 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4995439349706841471
Request Chain 335
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID HTTP 303
  • https://live.primis.tech/live/liveCS.php?source=external&advId=143&advUuid=4211865590473351281 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1697769766&3rdpcid=4211865590473351281
Request Chain 336
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=256397b9-b916-422d-930d-65bf42cf8abb&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=256397b9-b916-422d-930d-65bf42cf8abb
Request Chain 337
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1704785129382 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1429303648 HTTP 302
  • https://sync.1rx.io/usersync/turn/7001959693255496791?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MjU2Mzk3YjktYjkxNi00MjJkLTkzMGQtNjViZjQyY2Y4YWJi HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 347
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=
Request Chain 348
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=
Request Chain 349
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=256397b9-b916-422d-930d-65bf42cf8abb&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sharethrough HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=sharethrough HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4211865590473351281&ssp=sharethrough HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=4799ebae-c07a-47eb-9a10-229473514984&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 350
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=708312F921DC425A8575B9AF760C19C9
Request Chain 353
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=J6e8nzE01Rn6uk5
Request Chain 354
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZz06AANCqNeaQAM HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZz06AANCqNeaQAM&_test=ZZz06AANCqNeaQAM
Request Chain 355
  • https://sync-axelmark-dsp.focas.jp/sync/opx HTTP 302
  • https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=zAPD3yeXdsBxnxgR48yuHBbjvml5FetnRHx22yzRMcqgu6z4
Request Chain 357
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=58F7PS01NBDE8006O8qw
Request Chain 359
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=myx19p-sU3h8tHODeScjhZJGydQ
Request Chain 365
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZz06Og13FvJmt7L2nqK1gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO-TO6T57lHSokgheuxGtUs&google_cver=1
Request Chain 366
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2338458340105893363
Request Chain 368
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB
Request Chain 369
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=myx19p-sU3h8tHODeScjhZJGydQ
Request Chain 371
  • https://dynalyst-sync.adtdp.com/cookie/sync?pid=43 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYztHK1_qfYWqrdw2HI
Request Chain 372
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5333a222-cac2-4a3f-8cc0-09e88e506348&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 375
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LR611RYY-P-CY9Q HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR611RYY-P-CY9Q&ex=d-rubiconproject.com&status=ok
Request Chain 377
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=&expires=30
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6ySFbsbF0hmvQVqN2uJ6I&google_cver=1
Request Chain 380
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR611RYY-P-CY9Q&ex=d-rubiconproject.com&status=ok
Request Chain 381
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODAwYWU2MDc2ZTkyM2YxOGU1YTA0YjZkYWY4MmFlZGRiMDAyNGFiZA
Request Chain 382
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=O277NyG4QeqZ5x9tFO943w&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=O277NyG4QeqZ5x9tFO943w
Request Chain 383
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI2MTFSWVktUC1DWTlR HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDwYilJTh0gjHemzDzMf4AY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2MTFSWVktUC1DWTlR&google_push=
Request Chain 384
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zuUZ1gv9g1NkTmLAKiWzOg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cFUK8Q5E2oL33nkaGLmVTcQkdPVymuzYbhIyHQ--~A
Request Chain 385
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR611RYY-P-CY9Q
Request Chain 387
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR611RYY-P-CY9Q
Request Chain 388
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR611RYY-P-CY9Q&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR611RYY-P-CY9Q&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 389
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c1eb2d68-80e3-499c-9826-555c8a5797c5&expires=30
Request Chain 390
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR611RYY-P-CY9Q
Request Chain 391
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR611RYY-P-CY9Q HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR611RYY-P-CY9Q
Request Chain 392
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR611RYY-P-CY9Q
Request Chain 400
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720509929&external_user_id=ed55f341-8669-4275-a151-58331487235d
Request Chain 401
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=708312F921DC425A8575B9AF760C19C9
Request Chain 402
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZz06AANCqNeaQAM
Request Chain 403
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZZz06Og13FvJmt7L2nqK1gAA%265445?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZz06Og13FvJmt7L2nqK1gAA%265445
Request Chain 404
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=746ded22e48ffe542jgkeo00lr611rwy
Request Chain 405
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZz06Og13FvJmt7L2nqK1gAA%265445 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZz06Og13FvJmt7L2nqK1gAA%265445&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=_wXDy6gr-NxQ8pAod8v40PAQL9C5r9aMWlwcEhkKN_o&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZz06Og13FvJmt7L2nqK1gAA%265445&tc=1
Request Chain 421
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=normantranscript.com&sn=ChromeSyncframe&so=0&topUrl=www.normantranscript.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=omeqLnxWQjA2ajl1SWdvOWtSN0QwdGN0U05URWpWZzQzNFBCVlRhejE2Wmphc3B0MVR5MDllbXA3NTYzWjY5Q3R3RkwzNzlFem52WmRVb1BSRmZyaHg4SUZPY0pJeEpURkY2ZGVMRC9ub1ptUFpySklodzlrWTlBcW5FTDc3M0E5UzY4dlJBWEZwRTB6OWp4bTBxREFOY2tOWStENEMxdWhZcGM5d1JQYXJBYUd6V2RzNEhBUkhiLytnajJvR214Qm16eFE1SEFvbENjL2dKWm5tVHdRU1NmbTBSck1MYWRmRXJ0a2RVa2FGYmRxRnE1WTZ0S011cUFMN05yOVpzRythZ2E5U2FhczVxSUN6YW9HdTVZbHdmOEgra2Q2aUpyYkVWZHRqQ1pLVmYxa1Zkcz18&cppv=2
Request Chain 423
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=708312F921DC425A8575B9AF760C19C9 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=84b0cf7915&gdpr=0&gdpr_consent=
Request Chain 424
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/708312F921DC425A8575B9AF760C19C9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
Request Chain 425
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=708312F921DC425A8575B9AF760C19C9&dongle=yf3
Request Chain 426
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=708312F921DC425A8575B9AF760C19C9
Request Chain 427
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=708312F921DC425A8575B9AF760C19C9
Request Chain 428
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=708312F921DC425A8575B9AF760C19C9 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1704785130962&ip=146.70.201.212&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D232583304756003788549 HTTP 302
  • https://um.simpli.fi/aa_px?sk=232583304756003788549 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 429
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=708312F921DC425A8575B9AF760C19C9
Request Chain 432
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=708312F921DC425A8575B9AF760C19C9;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=708312F921DC425A8575B9AF760C19C9;mimetype=img;sr HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS HTTP 302
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-Y_CtFAFE2pSuDqhZ8FB9W60OXyZSSWsCjso-~A
Request Chain 433
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=708312F921DC425A8575B9AF760C19C9&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=708312F921DC425A8575B9AF760C19C9&j=0&xl8blockcheck=1
Request Chain 435
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=708312F921DC425A8575B9AF760C19C9
Request Chain 436
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=708312F921DC425A8575B9AF760C19C9
Request Chain 437
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=708312F921DC425A8575B9AF760C19C9
Request Chain 438
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=708312F921DC425A8575B9AF760C19C9
Request Chain 439
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=708312F921DC425A8575B9AF760C19C9 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
Request Chain 440
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704785130614&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=557711149&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=6vScZdiCLofo7OsP2dyFmAg&sscte=1&crd=&pscrd=IhMI2J-MwePPgwMVBzR7Bx1ZbgGD HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=557711149&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI2J-MwePPgwMVBzR7Bx1ZbgGD&is_vtc=1&ocp_id=6vScZdiCLofo7OsP2dyFmAg&cid=CAQSKQAvHhf_s7ipeCngXW6NQeWq4ceEROfcrSVC0td_bWEg-8N_NcY_Xmek&random=357910294 HTTP 302
  • https://www.google.co.jp/pagead/1p-conversion/1026675585/?random=557711149&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI2J-MwePPgwMVBzR7Bx1ZbgGD&is_vtc=1&ocp_id=6vScZdiCLofo7OsP2dyFmAg&cid=CAQSKQAvHhf_s7ipeCngXW6NQeWq4ceEROfcrSVC0td_bWEg-8N_NcY_Xmek&random=357910294&ipr=y
Request Chain 442
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=708312F921DC425A8575B9AF760C19C9
Request Chain 443
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=708312F921DC425A8575B9AF760C19C9&expires=365
Request Chain 444
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=708312F921DC425A8575B9AF760C19C9
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEClLWvreXER97XrCtvknPOY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=708312F921DC425A8575B9AF760C19C9 HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 457
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4211865590473351281&expiration=1705994731
Request Chain 458
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
Request Chain 459
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZZz06Og13FvJmt7L2nqK1gAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZZz06Og13FvJmt7L2nqK1gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087374294648
Request Chain 460
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a18b0d87151d498cb87203148ed25e13&expiration=1707377131
Request Chain 462
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9466225e5032ef3f2f4677a8bdd97e28&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umwa933_7322570416264016235&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTQ2NjIyNWU1MDMyZWYzZjJmNDY3N2E4YmRkOTdlMjg=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESECJ4U2lk5pGLY_7kEay6o6Q&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAJgvU7LOeoAABPGHEehAA&dataProviderId=817&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/9466225e5032ef3f2f4677a8bdd97e28?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-0G6eiOdE2oOemnEwu_U6PMKF5qTEDXg0EZ4HFP1g~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2338458340105893363&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=J6e8nzE01Rn6uk5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7042349&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=c1eb2d68-80e3-499c-9826-555c8a5797c5 HTTP 302
  • https://jelly.mdhv.io/v4/pixie HTTP 307
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=6d87d065-a04b-4ee5-9e90-f21af17e933a HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1595%26userId%3D%24%7BUID%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1595&userId=1f1976c2-7d12-05e5-2680-fc5663812d79
Request Chain 463
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 467
  • https://ds.uncn.jp/pm/0/sync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
Request Chain 469
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2338458340105893363&gdpr=0&gdpr_consent=
Request Chain 471
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4211865590473351281
Request Chain 473
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3008DB03-8A32-4240-AC05-4F59925776EB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vz2eW1xE2uWRyrGO2nFQ6TBHSsS8Q9o-~A&gdpr=0
Request Chain 476
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7J2Xa7ycyz73kM1uucmDMLjLmTH3kZg6vJFymkZN
Request Chain 477
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 480
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=q3TkUSa7A3uAutpb6_ScZQ
Request Chain 481
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a18b0d87151d498cb87203148ed25e13
Request Chain 484
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=myx19p-sU3h8tHODeScjhZJGydQ&gdpr=0&gdpr_consent=
Request Chain 485
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 486
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUcbf92ee49bb34665be9bcade7e2fbc4f
Request Chain 487
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:J6e8nzE01Rn6uk5&gdpr=0&gdpr_consent=
Request Chain 488
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0ae659c-f4ec-4100-9fca-8c01a6a50409&gdpr=0&gdpr_consent=
Request Chain 489
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:708312F921DC425A8575B9AF760C19C9&gdpr=0&gdpr_consent=
Request Chain 490
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700051816047321
Request Chain 491
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=3008DB03-8A32-4240-AC05-4F59925776EB HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
Request Chain 492
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7001959693255496791&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 493
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7bc6ea148415218f&is_secure=true&networkId=17100&version=1&nuid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALAa732r1H1QNAqhX4AAAAAAA&expiration=1704871532&nuid=3008DB03-8A32-4240-AC05-4F59925776EB&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 513
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=3008DB03-8A32-4240-AC05-4F59925776EB HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
Request Chain 515
  • https://ap.lijit.com/beacon?us_privacy=1---&informer=11277942 HTTP 301
  • https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Request Chain 517
  • https://sync.1rx.io/usersync/openx/b5f1e96f-bf38-0467-1de1-65ab4462a388 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
Request Chain 518
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=2338458340105893363
Request Chain 520
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=XJHkrQyQuPhHnL6oCcXw9gjH6vdHnev8DJ2bobGd
Request Chain 523
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=f62e7a40-53d5-4ab6-823f-6f90c02fe1d0&expires=1&user_group=2&ssp=openx&bsw_param=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
Request Chain 525
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=1fd58f56d262241&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMGUgzgp9NqQMCKJYuAAAAAAA&expiration=1704871535&nuid={OX_USER_ID}&is_secure=true
Request Chain 527
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=4799ebae-c07a-47eb-9a10-229473514984 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=4799ebae-c07a-47eb-9a10-229473514984 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d0ed4363-df13-4f7a-8249-2029c42d9b27&user_group=1&ssp=fmx&bsw_param=4799ebae-c07a-47eb-9a10-229473514984 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
Request Chain 528
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=tPn2jnRyxI0t&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 529
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://us.ck-ie.com/krshme82.gif?gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&coppa=[COPPA]&puid=8622de44-cb91-5797-bbc9-e0f20522a473
Request Chain 530
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=keoX7sHrS7uK503rxL4DtcW8GbSK5hi_weaGB45x
Request Chain 531
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=_wXDy6gr-NxQ8pAod8v40PAQL9C5r9aMWlwcEhkKN_o&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 532
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=2338458340105893363&gdpr=0&gdpr_consent=
Request Chain 534
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SDloZEJMWkhZUzNoQVNmU1RYT25hX1df&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 539
  • https://cm-exchange.toast.com/bi/pixel?cm_mid=1285568805&toast_push HTTP 302
  • https://u.openx.net/w/1.0/sd?id=557557631&val=RIKFCUMH4PTWAD3174TN3USKA
Request Chain 540
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://u.openx.net/w/1.0/sd?id=537106470&val=[sas_uid]&cklb=1
Request Chain 543
  • https://ds.uncn.jp/ox/0/sync HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
Request Chain 544
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=62124e3e-ce99-3472-bdff3a01

537 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.normantranscript.com/
Redirect Chain
  • http://normantranscript.com/
  • https://www.normantranscript.com/
531 KB
78 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
7ba90db21beaf1556a38de2c69747ecc8c7ef6397dbaaf316c5a73ea1e874ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
25389
cache-control
public, max-age=10
content-encoding
gzip
content-length
78231
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 00:22:16 GMT
etag
W/55e6dd40013c8d67c1e502c5b86f8d4d
last-modified
Tue, 09 Jan 2024 00:22:15 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.72.4; app15; 0.77s; 6.2M
x-ua-compatible
IE=edge
x-vcache
HIT
x-xrds-location
https://www.normantranscript.com/tncms/xrds/
x-xss-protection
1; mode=block

Redirect headers

age
241
cache-control
public, max-age=300
content-encoding
gzip
content-length
1468
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 07:21:22 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location
https://www.normantranscript.com/
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.72.4; app11; 0.01s; 1M
x-vcache
HIT
x-xrds-location
https://www.normantranscript.com/tncms/xrds/
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
168916
cross-origin-resource-policy
cross-origin
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e609f2-1882c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa87aafc7-NRT
expires
Fri, 29 Nov 2024 07:50:07 GMT
user.js
www.normantranscript.com/shared-content/art/tncms/user/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.normantranscript.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:22:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Jan 2024 18:51:17 GMT
x-vcache
HIT
age
175
etag
W/"6596fe25-c46"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1437
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
168916
cross-origin-resource-policy
cross-origin
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa87cafc7-NRT
expires
Wed, 01 Jan 2025 08:05:09 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:14 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a922-841f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa86dafc7-NRT
expires
Thu, 28 Nov 2024 08:34:33 GMT
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
168916
cross-origin-resource-policy
cross-origin
last-modified
Fri, 13 Oct 2023 13:11:31 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65294203-2d77"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa86fafc7-NRT
expires
Wed, 30 Oct 2024 06:39:09 GMT
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284d-1102"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa877afc7-NRT
expires
Fri, 29 Nov 2024 09:24:13 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Fri, 13 Oct 2023 13:11:31 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65294203-9b8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa86eafc7-NRT
expires
Wed, 30 Oct 2024 06:54:38 GMT
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a920-1ac2e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa867afc7-NRT
expires
Thu, 28 Nov 2024 07:01:26 GMT
font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:51 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaef-7257"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa866afc7-NRT
expires
Wed, 27 Nov 2024 05:47:51 GMT
layout.9509b461cedc7767649ee83a5b35c177.css
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		154 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:16 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a924-26683"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa865afc7-NRT
expires
Wed, 27 Nov 2024 20:01:33 GMT
theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cb7e97cdd2bd5b3175038e3c8730a3d639c7b951f803d1cd215e662eea50f8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:09 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65662851-a317"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa863afc7-NRT
expires
Sat, 30 Nov 2024 09:28:24 GMT
site.css
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/live/global/resources/styles/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/live/global/resources/styles/site.css?_dc=1503084731
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfc1b003674e5e3f84da0d382d894decd8c16e77b3b0cee2ad7f8c94c2a51d0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Fri, 18 Aug 2017 19:32:11 GMT
x-vcache
MISS
server
cloudflare
etag
W/"599740bb-1728"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa868afc7-NRT
expires
Thu, 28 Nov 2024 12:43:25 GMT
flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		1 KB
604 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b0256741fe94eceb488a73ce12f09f7e7ed179ecefbaeae216bf56e6a6511af
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
168916
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65662850-4a3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa86bafc7-NRT
expires
Sat, 30 Nov 2024 07:01:28 GMT
jquery-ui.css
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528903713
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Jun 2018 15:28:33 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5b213821-3e62"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa86cafc7-NRT
expires
Sat, 30 Nov 2024 07:02:29 GMT
tntslider.61e562ee97efb10698d15f5cee4962dc.css
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/tntslider.61e562ee97efb10698d15f5cee4962dc.css
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3636b95d15f61f445c9454c7e75a8cd46c8d549a80d0595868280967bfc02d41
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:16 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a924-1411"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa86aafc7-NRT
expires
Wed, 27 Nov 2024 20:01:50 GMT
flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65662850-2021"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa869afc7-NRT
expires
Sat, 30 Nov 2024 07:01:28 GMT
access.d7adebba498598b0ec2c.js
www.normantranscript.com/shared-content/art/tncms/api/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.normantranscript.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer
https://www.normantranscript.com/
Origin
https://www.normantranscript.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:22:06 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 17:55:11 GMT
x-vcache
HIT
age
199
etag
W/"6570b57f-1164b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
29242
service-worker-allowed
/
tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e39d321532d4472593ff6110e51c09e688078726758971662ce3b1d26c78067
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-2503"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa872afc7-NRT
expires
Wed, 27 Nov 2024 05:55:38 GMT
tnt.ads.load.00f4c685fd5644c4d74a74b62e77e36b.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		893 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.load.00f4c685fd5644c4d74a74b62e77e36b.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a4526cb39025408f18863bb357ed08947e1f952c5e5c17506d25cb1435f3e10
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221991
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-37d"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23c7a22afc7-NRT
expires
Sat, 30 Nov 2024 07:21:17 GMT
tracking.js
www.normantranscript.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.normantranscript.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:23:18 GMT
content-encoding
gzip
last-modified
Thu, 04 Jan 2024 18:51:17 GMT
x-vcache
HIT
age
127
etag
W/"6596fe25-a3a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1157
service-worker-allowed
/
admanager.js
www.normantranscript.com/shared-content/art/tncms-ad-manager/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.normantranscript.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
52db5b2414b37d257bb787cbefab7cadfbc282169e377e94bf256cee3f0479e3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:20:25 GMT
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 14:16:03 GMT
x-vcache
HIT
age
299
etag
W/"65538123-9d42"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
12840
service-worker-allowed
/
impressions.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/ads/ 		84 B
208 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/ads/impressions.js?_dc=1704758723
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ebb5b743eb849a3347f8ef951f4ab7b5e9ff1c756a10040c6044fe3f1277303
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 09 Jan 2024 00:05:23 GMT
x-vcache
MISS
server
cloudflare
etag
W/"659c8dc3-54"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa875afc7-NRT
expires
Wed, 08 Jan 2025 00:11:31 GMT
traffic.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/ads/ 		1 KB
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/ads/traffic.js?_dc=1704695715
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df1fdbfee8b0f64b3a55b5542a7e2135ab0554ac00997dbd0b5009450ad3ea70
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
66260
cross-origin-resource-policy
cross-origin
last-modified
Mon, 08 Jan 2024 06:35:15 GMT
x-vcache
MISS
server
cloudflare
etag
W/"659b97a3-5eb"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa879afc7-NRT
expires
Tue, 07 Jan 2025 06:40:30 GMT
settings.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/ads/ 		3 KB
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/ads/settings.js?_dc=1519930195
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e99c298aed2e391077ca708a77eb5369cf9758ea39a80468c1d0e21f6b564bde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Thu, 01 Mar 2018 18:49:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5a984b53-d15"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa873afc7-NRT
expires
Thu, 28 Nov 2024 08:42:49 GMT
tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221991
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-6d1"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23c7a23afc7-NRT
expires
Wed, 27 Nov 2024 11:47:21 GMT
jquery-ui.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/live/libraries/flex/components/site/resources/scripts/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/live/libraries/flex/components/site/resources/scripts/jquery-ui.js?_dc=1469051915
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Wed, 20 Jul 2016 21:58:35 GMT
x-vcache
MISS
server
cloudflare
etag
W/"578ff40b-aad1"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa870afc7-NRT
expires
Thu, 31 Oct 2024 08:37:34 GMT
tntslider.963435075b4f73d8d6f71cfdc577ff04.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/tntslider.963435075b4f73d8d6f71cfdc577ff04.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0223bcc696052dd207c54b33d2f057ecbd158ff5c48e7471bd34ec3aef2fde0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Fri, 08 Dec 2023 14:49:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65732cdf-5834"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23c7a24afc7-NRT
expires
Tue, 10 Dec 2024 16:01:51 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221992
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:40 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da4-cf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23aa874afc7-NRT
expires
Thu, 31 Oct 2024 09:29:34 GMT
css
fonts.googleapis.com/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13a3d63f766a04d1b7bc24c1a3a3696225912b028db642a4473da2537c8c1fe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jan 2024 07:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 07:25:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jan 2024 07:25:25 GMT
fontawesome.568f3d1ab17b33ce05854081baadadac.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		268 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221990
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:14 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a922-43130"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23c7a25afc7-NRT
expires
Thu, 28 Nov 2024 12:43:27 GMT
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		92 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.24.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-163-24-100.hio52.r.cloudfront.net
Software
envoy /
Resource Hash
23e146c55ea04931177672b48bfb5ec0af5c26bfd51f6b7d536e8ef748d4431e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
via
1.1 4e7012bff211fc1604763d0935533d32.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
HIO52-P2
vary
Origin,Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
4
x-amz-cf-id
SWg1hGb8oriIKq7RXTZyrZFu2JWOrLEy2RYR6naDRxRJH0M_A7oJrw==
d4955710-4d88-0136-d0af-06a9ed4ca31b
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/d4955710-4d88-0136-d0af-06a9ed4ca31b
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.87.122.136 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.122.87.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
d4cb91a1d316420d6c3e88ee1522801e1c73d1e2c5db2b3d6e423650a62e2deb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F6idCjIrlwjt2UZBbJNB
expires
Thu, 01 Jan 1970 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0ad03998f309afd3c3708f074cd29053f1e25d71bcf594af9930e33d02035a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29360
x-xss-protection
0
server
cafe
etag
776 / 19731 / m202401020101 / config-hash: 6914489111508300537
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:25:26 GMT
adb.1710310.min.js
prod.adspsp.com/ 		275 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb.1710310.min.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-38.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e0f3dfb7e41d5c5f8344b98d5278bfe1d083527c978230838a5530c252cbd4a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 08 Jan 2024 11:59:25 GMT
Content-Encoding
gzip
Via
1.1 09dbc1e23064a5307832656121fb572a.cloudfront.net (CloudFront)
Last-Modified
Wed, 07 Jun 2023 18:25:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT57-P1
Age
69961
x-amz-server-side-encryption
AES256
ETag
W/"cf47b7b0a20824d432d7fc3e9305e31b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
bOqhvS7wulh_srz-6qQOUCqUjp252BjrU6N3k-_kndnC88BuJSA40Q==
/
normantranscript-cnhi-pw.newsmemory.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://normantranscript-cnhi-pw.newsmemory.com/?meter&v=4&service=onstop
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.107 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
655989fe94ca275e0f40078619422fceb20039b9ebe0c68751beaa67e577c608

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:25:27 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
6192
Expires
Tue, 9 Jan 2024 09:25:27 UTC
tracker.js
www.normantranscript.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.normantranscript.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:22:06 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 14:44:35 GMT
x-vcache
HIT
age
199
etag
W/"64b94853-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
6279625be2e73.image.png
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/media/d/66/d66982ca-cfc8-11ec-b0b8-bb64a51b5019/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/media/d/66/d66982ca-cfc8-11ec-b0b8-bb64a51b5019/6279625be2e73.image.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab7bae085144691daa9987b901107ff2b5fe2cdb738bb2d1f90ca643e870b12b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
168915
cf-polished
origFmt=png, origSize=12843
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6279625be2e73.webp"
content-length
7124
cf-bgj
imgq:85,h2pri
last-modified
Mon, 09 May 2022 18:50:03 GMT
server
cloudflare
x-vcache
MISS
etag
"6279625b-322b"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af23ab888afc7-NRT
expires
Thu, 19 Dec 2024 22:17:33 GMT
/
normantranscript-cnhi-pw.newsmemory.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://normantranscript-cnhi-pw.newsmemory.com/?meter&v=4
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.107 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
0a6369a1032f82fc4d7ba3fdfeecde2612012a931dd56cf5abc9f6656c33e99d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:25:27 GMT
Last-Modified
Thu, 17 Aug 2023 14:18:11 UTC
Server
Apache
ETag
892e4503ad86f0faf840aba78be98641
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
4417
Keep-Alive
timeout=2, max=300
Expires
Tue, 9 Jan 2024 09:25:27 UTC
widgey-dug.php
japfg-trending-content.appspot.com/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/widgey-dug.php?s=10223&v=1&q=3&i=1
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2014 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
b2f142d0b789ec668d7c9277e3999831bd8a46e777bb327204cbf9febaf7716e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/8993) /
Resource Hash
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
content-md5
8ouzdXeMpGxUBMAUF/mhkg==
age
21259
x-cache
HIT
content-length
1002
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 18:25:29 GMT
server
ECAcc (tka/8993)
etag
"0x8DB2194D3ACD75C+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b270f653-f01e-004f-629b-428959000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
thenormantranscript.js
static.cnhionline.com/cnhi/data/premiumads/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cnhionline.com/cnhi/data/premiumads/thenormantranscript.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
4b45f85715e89b0a95850020a18d42b06b2ebaadc6af1db18fc42a8f1677b679

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:25:26 GMT
Last-Modified
Mon, 08 Jan 2024 14:15:00 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"e80b2db5-d02-60e6fd2bca100"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3330
5879-RTJ-Summer-Packages-300x250.gif
static.cnhionline.com/ksherman/images/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/ksherman/images/5879-RTJ-Summer-Packages-300x250.gif
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
53812a70761bb5417aaff5e06ab44c32dde8504c6aa903d4a85c2620b850b879

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:25:26 GMT
Last-Modified
Tue, 06 Jun 2023 16:18:39 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"805b540-edcd-5fd785f418f52"
Content-Type
image/gif
Access-Control-Allow-Origin
http://template1.cnhionline.com
Connection
close
Accept-Ranges
bytes
Content-Length
60877
index.js
cdn.viafoura.net/entry/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/entry/index.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c4:1400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06dab1aec38a24a4278e4107e18b2500f118e6a7897d41135c111aa9e6680ab4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
aG3seF3kXMLh6jy6qFgZJudJrKm5RwC.
content-encoding
br
via
1.1 824e6beeecb84e4058f4ad4873041b2c.cloudfront.net (CloudFront)
date
Tue, 09 Jan 2024 07:17:08 GMT
x-amz-cf-pop
NRT57-C2
age
499
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Dec 2023 20:16:34 GMT
server
AmazonS3
etag
W/"45e0fb924328dd1beea8be74d8c7d376"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=600,s-max-age=60
x-amz-cf-id
6ruf7JJUKFVzMlNHl3O9V-xgPZqYlF3MkXOkzXKermVFmRaHIkwMrg==
tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221991
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf3-35a7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23c7a1bafc7-NRT
expires
Wed, 27 Nov 2024 07:07:53 GMT
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221991
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-1010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23c7a1dafc7-NRT
expires
Sat, 09 Nov 2024 06:03:49 GMT
tnt.regions.b44801b45845a81b995eeaad12f4f276.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221991
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:13 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a921-1021"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23c7a1fafc7-NRT
expires
Thu, 28 Nov 2024 06:36:48 GMT
dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		1 KB
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ad3b3f691f918a13388d3af7b87e4986459f032632c91df7884f19fd43fa46
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
168916
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284d-5a6"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23c7a20afc7-NRT
expires
Sat, 30 Nov 2024 07:08:16 GMT
promo_popup.251d9baed77bb7d7e50212b336162059.js
bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		1 KB
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/promo_popup.251d9baed77bb7d7e50212b336162059.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abca570d68e4d643d2db448f8c1ea05d3f52494fe08453657316a5a1054a556d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
221991
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:38 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da2-5e8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23c7a21afc7-NRT
expires
Fri, 01 Nov 2024 06:20:20 GMT
gtm.js
www.googletagmanager.com/ 		234 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07dd999818dc382e4091fdaca3a7257f181e6b3ba4bef8d68ee480699d709bef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80387
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jan 2024 07:25:25 GMT
/
www.normantranscript.com/_services/v1/client_ip_info/ 		81 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.normantranscript.com/_services/v1/client_ip_info/
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
59f7cb4d5bb7dc9e4f67d4ffcf0effeedca278c2a8633757e33cade6956b4865

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
cache-control
private, max-age=3600
content-length
81
content-type
application/json
hucWYtYmXNDY8Xvn6T1ArabvKrJjfzlY-MI07JbSCPWxMglTzVaXTxl
bandborder.com/v2/0/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/hucWYtYmXNDY8Xvn6T1ArabvKrJjfzlY-MI07JbSCPWxMglTzVaXTxl
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ee1df9f8edf3cb7748bbd64e0212284add875f40398a4d93e854ca5a6a83f4df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Tue, 09 Jan 2024 07:25:26 GMT
x-datacenter
gce-asia-east1
etag
"b0a28babcfaa19845d228a691c57750656d5764e20f6a7e10ae4b0f8305c5faf"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-bvvt
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
kdyIMpHoBepDvLJ-zKjlT8qnnsq2Q5hf7SqEsXmmobXwjE0D42NAaaGgoWjBpqiXbjy6Wlm3g
bandborder.com/v2/0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/kdyIMpHoBepDvLJ-zKjlT8qnnsq2Q5hf7SqEsXmmobXwjE0D42NAaaGgoWjBpqiXbjy6Wlm3g
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
b0b34e19a5874e87ba4e68b3b13dd8876ea1c67179cb8be6ee371f98e4e544ff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Tue, 09 Jan 2024 07:25:26 GMT
x-datacenter
gce-asia-east1
etag
"1280f562b1c41f286b0bb98e00e1f2631ab55b1b7962073cde79c24a2c5f75c7"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-bvvt
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tracker.gif
www.normantranscript.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.normantranscript.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1704785125836160012001177672364045&tnms_dt=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&tnms_upage=1&tnms_do=www.normantranscript.com&tnms_uri=/&tnms_ref=&rt=1704785125840
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:25 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
x-vcache
MISS
age
0
etag
"48f79fed-0"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
gtm.js
www.googletagmanager.com/ 		201 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8STNV
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74e577137c6ee8977bbbb628d420191b260e0a911928afff54c929fb68371171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73263
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jan 2024 07:25:26 GMT
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
80ae87b5cb04548db680c3732340f44298d0855bcf61965c5904c0a528f0a5a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 07:25:26 GMT
content-md5
zg4MSxoxvBnYaYlrg1AxSw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1692
reporting-endpoints
x-fb-debug
e1U9eiqj1HVcf/OiJdQb8g3BCXz9WebeRfV4SnyPcDoLorrB5jJF3NWsf5386flLSosQr1PclVt72RhChFd1cg==
x-fb-content-md5
faa6d187dccabd13e09c14f5ec402d89
cross-origin-opener-policy
same-origin-allow-popups
etag
"aa74229b0a24469781f23295dca0fcf2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:35:40 GMT
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.normantranscript.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:33:38 GMT
x-content-type-options
nosniff
age
543107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 00:33:38 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.normantranscript.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 22:07:45 GMT
x-content-type-options
nosniff
age
206260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Jan 2025 22:07:45 GMT
65280135c10c7.preview.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/4/8a/48aaf359-7f3c-5390-9e9f-4c3854f72be0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/4/8a/48aaf359-7f3c-5390-9e9f-4c3854f72be0/65280135c10c7.preview.jpg?crop=840%2C473%2C0%2C13&resize=150%2C84&order=crop%2Cresize
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95cd4ef53ea8e9098b48e232e83a491ad8b7bb31eeb8977d027c843f038a724c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=3059
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="65280135c10c7.webp"
content-length
2068
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 14:22:45 GMT
server
cloudflare
x-vcache
MISS
etag
"318c1962912a41d2ed8bd60e6d986cbb"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af23ceabdafc7-NRT
expires
Sat, 30 Nov 2024 11:54:20 GMT
632f8165ab876.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/5/57/5574d87c-3c56-11ed-a33c-e79e6067005e/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/5/57/5574d87c-3c56-11ed-a33c-e79e6067005e/632f8165ab876.image.jpg?crop=1765%2C993%2C0%2C90&resize=150%2C84&order=crop%2Cresize
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f3f1e442916f4ee773faee97bb40da28819a488a2873de13a398d7e39f9873
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
degrade=85, origSize=8247, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 24 Sep 2022 22:15:04 GMT
server
cloudflare
x-vcache
MISS
etag
"2a94b759a7d0f2532f93b7797c4ddc4d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23ceabeafc7-NRT
expires
Wed, 08 Jan 2025 00:23:15 GMT
659c5653f0483.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/a/d5/ad55b0ac-5a4e-526c-8a95-438fb3582204/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/a/d5/ad55b0ac-5a4e-526c-8a95-438fb3582204/659c5653f0483.image.jpg?crop=1637%2C921%2C0%2C172&resize=150%2C84&order=crop%2Cresize
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85ba5f8f07fe3f4b4f23b47d9dd7a8e01a583ca7cc1e3b78ba460eea75dff55
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=3390
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="659c5653f0483.webp"
cf-bgj
imgq:85,h2pri
last-modified
Mon, 08 Jan 2024 20:08:52 GMT
server
cloudflare
x-vcache
MISS
etag
"8774bf9bd15d5b42a0defb553f160d1f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23ceabfafc7-NRT
expires
Tue, 07 Jan 2025 20:50:01 GMT
6598f64a77a1d.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/1/31/131eea84-ac5e-11ee-b4c3-6f031b53abac/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/1/31/131eea84-ac5e-11ee-b4c3-6f031b53abac/6598f64a77a1d.image.jpg?crop=960%2C540%2C0%2C370&resize=200%2C113&order=crop%2Cresize
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e01093f59fe5203f1089da90e7d711f974e37120201157ee9c4e5fde99957787
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=7036, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
6889
cf-bgj
imgq:85,h2pri
last-modified
Sat, 06 Jan 2024 06:42:18 GMT
server
cloudflare
x-vcache
MISS
etag
"a119a43052cc5766a16b85f74a524079"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af23ceac1afc7-NRT
expires
Tue, 07 Jan 2025 15:02:30 GMT
632f8165ab876.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/5/57/5574d87c-3c56-11ed-a33c-e79e6067005e/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/5/57/5574d87c-3c56-11ed-a33c-e79e6067005e/632f8165ab876.image.jpg?crop=1765%2C993%2C0%2C90&resize=750%2C422&order=crop%2Cresize
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a86ef6cc7845f5cf0225b375fb73818b60d423b0f2d55bbba1cc5f209bf2aa6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=69325, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 24 Sep 2022 22:15:04 GMT
server
cloudflare
x-vcache
MISS
etag
"dc8cfb00cc8f6bbd0eb245dc4d95668b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23ceac2afc7-NRT
expires
Wed, 08 Jan 2025 00:23:22 GMT
659c5653f0483.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/a/d5/ad55b0ac-5a4e-526c-8a95-438fb3582204/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/a/d5/ad55b0ac-5a4e-526c-8a95-438fb3582204/659c5653f0483.image.jpg?resize=300%2C232
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246604eb76a4cadd037f9058d8c320c0d9035bde0fc86be2714569b67f98a70d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=14245, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Mon, 08 Jan 2024 20:08:52 GMT
server
cloudflare
x-vcache
MISS
etag
"27778a572927736e66c73996e1046c4f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23ceac4afc7-NRT
expires
Tue, 07 Jan 2025 20:50:01 GMT
65984507d5eed.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/d/fd/dfdafa14-abf4-11ee-96ef-9f17d287a605/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/d/fd/dfdafa14-abf4-11ee-96ef-9f17d287a605/65984507d5eed.image.jpg?resize=150%2C100
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a46e39967c6be675a05764b6451ebda57b54a489c26ea67545b3343a218af8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=4014, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
3844
cf-bgj
imgq:85,h2pri
last-modified
Fri, 05 Jan 2024 18:05:59 GMT
server
cloudflare
x-vcache
MISS
etag
"2b74103f946b02dbe0cc6fa131e1ee87"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af23ceac5afc7-NRT
expires
Tue, 07 Jan 2025 22:53:31 GMT
65983085e30e9.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/a/a6/aa6bb9ba-abe8-11ee-a184-ef68359b4b81/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/a/a6/aa6bb9ba-abe8-11ee-a184-ef68359b4b81/65983085e30e9.image.jpg?resize=150%2C119
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb242462bb529ec1328dea9169bb812b1c87f5b98188dd9b9e857d9666864d1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=34423
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="65983085e30e9.webp"
cf-bgj
imgq:85,h2pri
last-modified
Fri, 05 Jan 2024 16:38:30 GMT
server
cloudflare
x-vcache
MISS
etag
"b3c0f41afbf13a9297936449d129639d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23ceac6afc7-NRT
expires
Sat, 04 Jan 2025 16:46:34 GMT
6596dbecbf8d7.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/b/eb/beb6b788-ab1d-11ee-8cf6-8b6c8d601a1e/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/b/eb/beb6b788-ab1d-11ee-8cf6-8b6c8d601a1e/6596dbecbf8d7.image.jpg?resize=150%2C110
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13600829c9b194d07d3d3a311185c1c7df33d30f5f66541bf1ccf5d256cff799
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
MISS
last-modified
Thu, 04 Jan 2024 16:25:16 GMT
x-vcache
MISS
server
cloudflare
etag
"bd5be6957517ff78693d7d66b3f655e0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
x-robots-tag
noarchive
cf-ray
842af23ceac7afc7-NRT
expires
Wed, 08 Jan 2025 07:25:26 GMT
6598f64a77a1d.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/1/31/131eea84-ac5e-11ee-b4c3-6f031b53abac/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/1/31/131eea84-ac5e-11ee-b4c3-6f031b53abac/6598f64a77a1d.image.jpg?resize=150%2C200
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0977a72f5e6e5b6c02b9e9d51245d3b1f524322c937de89b9d6f4f6bea0e3f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=8637, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
8487
cf-bgj
imgq:85,h2pri
last-modified
Sat, 06 Jan 2024 06:42:18 GMT
server
cloudflare
x-vcache
MISS
etag
"768d4c90e695d06ce9a9b1e0e461fd0c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af23cfacdafc7-NRT
expires
Wed, 08 Jan 2025 05:52:38 GMT
6597424bd2220.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/d/d0/dd056ae4-ab5a-11ee-b6e8-87761d9ad71f/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/d/d0/dd056ae4-ab5a-11ee-b6e8-87761d9ad71f/6597424bd2220.image.jpg?resize=150%2C200
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484a2c231ca4227f88d0be909fbe709df8b8a731862773340680addc199643be
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=9418, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Thu, 04 Jan 2024 23:42:04 GMT
server
cloudflare
x-vcache
MISS
etag
"efee36eff9e618d99877b18a0d39cc92"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23cfaceafc7-NRT
expires
Sat, 04 Jan 2025 01:33:28 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.170.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-170-54.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:52:38 GMT
content-encoding
gzip
via
1.1 49b964f897a5e1c9f9d0e182630ef7ca.cloudfront.net (CloudFront), 1.1 5937fca00485f2f0f4c9df4dd6632614.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2, NRT12-C3
age
1969
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
TXO4lhurGngNNo2f_0oaKEWEPhdIRijDigJvfEQ4FY52DGOUHVQm6Q==
/
geo.adspsp.com/ 		4 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.adspsp.com/
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24db:1a00:1e:7118:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0d4bb6b61deb52bb379f579fc94a35e91bd1f6e85db6b5bba4962f5600b73c86

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 07:25:26 GMT
via
1.1 37d6a7866914f4479b2ebf8191aa9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-P3
content-length
4
x-amz-cf-id
am1-5ajH9omJvuEGXN4eeju_osmwTeWfhmxjiqiAVOItyTF8oJ29Qw==
x-cache
Miss from cloudfront
/
adspsp.com/pt/1710310/19/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/19/1/?a=2,aX0,7S9I3Z5wjH&aa=&b=&e=&c=https%3A%2F%2Fwww.normantranscript.com%2F&d=&f=1.lr611o05.1T1vg&g=1T1yk&u=f0278789:lim1hwav:3i2&v=18g.xc.0.1ts.1.0&m=z&rnd=1704785126066
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.196.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-196-6.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 06:42:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2557
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 09 Jan 2024 08:42:49 GMT
gtm.js
www.googletagmanager.com/ 		182 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6aab36c8b292d9d6f5c7ad710dce0f570f081ba35b3c157abda994e3b66bda47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65899
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jan 2024 07:25:26 GMT
gtm.js
www.googletagmanager.com/ 		226 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d442ab76d2dd07e68e77023c140f40de20506c59184bd0fdc97a390223ef70f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71809
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jan 2024 07:25:26 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 13:14:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
65432
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 07 Jan 2025 13:14:54 GMT
sdk.js
connect.facebook.net/en_US/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=25157842d2f119531dd827367445980e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d746157f0657127a29352a836700fab4a5fb5ea3b2196161dcee931fae9cde2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.normantranscript.com/
Origin
https://www.normantranscript.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 07:25:26 GMT
content-md5
j4T+typv3vkd83E7CAg09g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86868
reporting-endpoints
x-fb-debug
KJjn5ODC6wNaHZqlpW/cpWMx5sGIXkgDJx+Vc68NOESGfjom4Nm2WGNXgylDcnstHQk1/iy9qlqFsFyDtXWYgg==
x-fb-content-md5
19931324b27e5060ee3e144d49757ba9
cross-origin-opener-policy
same-origin-allow-popups
etag
"d08701220554537a4cc83932adbf0f78"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 Jan 2025 07:02:02 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.170.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-170-54.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 03:36:52 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 792d1dfcd0e864258cddb08b00eca5d8.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C3
age
13714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
xY5Q7AvLhkfVSrtGwxGT0wFenjU_iAfkdgPS37AoaXJ81fBrfyKfUQ==
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7YYJFLQXWS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8STNV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54889344c7b8ae13314e43536fc7f0ac512090cc273fb50f25f3a1fe1619056e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92420
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jan 2024 07:25:26 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0KMP6SXSW1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8STNV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c160919e1dbaeddc953c2cc9012d7d8b1f56a94904276b0b96e5c42804478819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92420
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jan 2024 07:25:26 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 16 Jan 2024 07:25:26 GMT
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 21:17:25 GMT
content-encoding
gzip
via
1.1 5fd303e4294789c9f7d3efeddb26eaf4.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:03:21 GMT
server
nginx
x-amz-cf-pop
NRT57-C3
age
36481
etag
W/"65838ed9-9630"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
jO5MPaVe5vZGYQNEh-o5SuwhNUCCb2fTSsu1IvObA6eh8F7YRw65DQ==
expires
Tue, 09 Jan 2024 21:17:25 GMT
publisher:getClientId
ampcid.google.com/v1/ 		77 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
652b0f995e04ec831d8f49b9b1d8e0af931d5a5cb209c2802c5cf032dcf28cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.normantranscript.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97
x-xss-protection
0
dcd5d0a6-3ce6-11e8-89c0-d7cdf39ea644.png
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/custom/image/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/custom/image/dcd5d0a6-3ce6-11e8-89c0-d7cdf39ea644.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6147e229280b1f919a5ae67ecfdf040fa1939dd3fb131556d8e8431199b5547
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
168916
cf-polished
origFmt=png, origSize=11174
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="dcd5d0a6-3ce6-11e8-89c0-d7cdf39ea644.webp"
content-length
5604
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 Apr 2018 17:44:48 GMT
server
cloudflare
x-vcache
MISS
etag
"5accf810-2ba6"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af23f2d04afc7-NRT
expires
Fri, 06 Dec 2024 17:51:59 GMT
64f8dce00372b.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/2/fe/2fe5fd32-4cf1-11ee-9eb4-e70ffd0e0465/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/2/fe/2fe5fd32-4cf1-11ee-9eb4-e70ffd0e0465/64f8dce00372b.image.jpg?resize=300%2C200
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90eb11bae851d7d825972550b988d515a61827205ba391c4af7e5cf804b92b63
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=12450, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Sep 2023 20:11:12 GMT
server
cloudflare
x-vcache
MISS
etag
"6e0eb5f86650cf8b89cf74935c260ee0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af23f2d06afc7-NRT
expires
Tue, 07 Jan 2025 15:02:31 GMT
659449bc48dca.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/6/17/6175d86c-a995-11ee-a4cd-131ad856393a/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/6/17/6175d86c-a995-11ee-a4cd-131ad856393a/659449bc48dca.image.jpg?resize=150%2C128
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe6a4debf74c5c92f7498df66f45284983080208f0ea969cef1c20d41ee99df
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=4508, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
4331
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 Jan 2024 17:37:00 GMT
server
cloudflare
x-vcache
MISS
etag
"c692dfcd848632b0590543d91a7735fa"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af23f2d09afc7-NRT
expires
Thu, 02 Jan 2025 07:54:43 GMT
658c981260a13.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/7/ad/7adaf110-a4ff-11ee-b959-e3a8199ea4cf/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/7/ad/7adaf110-a4ff-11ee-b959-e3a8199ea4cf/658c981260a13.image.jpg?resize=150%2C150
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2134f17ea7a803a1aeac4bb650ab45f0de6092a4683c9c11935a821e616193a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=4620, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
4410
cf-bgj
imgq:85,h2pri
last-modified
Wed, 27 Dec 2023 21:33:06 GMT
server
cloudflare
x-vcache
MISS
etag
"46316eb6fe6d693b4c9a418b8f44dcab"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af23f2d0bafc7-NRT
expires
Sat, 28 Dec 2024 21:35:07 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		108 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.40.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-40-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
v4gxLFp6LN_bb5C9d7c7Yd6l6kCPxU1z
content-encoding
gzip
via
1.1 4da2bc835e000996f0b384c9db0412cc.cloudfront.net (CloudFront)
date
Tue, 09 Jan 2024 07:25:26 GMT
x-amz-cf-pop
NRT20-C1
age
95
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 05 Dec 2023 14:57:24 GMT
server
AmazonS3
etag
W/"b2b7a401bd4f0de0145925b43c4e7c21"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
dXxZjNJx25a_RKVtrwfcXiwsJD4yUHMIEKXwIzS0UzY0mQGq8d8nVA==
publisher:getClientId
ampcid.google.co.jp/v1/ 		3 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.co.jp/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.normantranscript.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
177 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7YYJFLQXWS&gtm=45je4130v9105969367z871570408&_p=1704785125843&gcd=11l1l1l1l1&dma=0&cid=2123531324.1704785126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704785126&sct=1&seg=0&dl=https%3A%2F%2Fwww.normantranscript.com%2F&dt=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2797
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7YYJFLQXWS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		259 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0KMP6SXSW1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3946ab5d921940ec1a7785bc190bdc71a16bc2e970000601d6fafb460ddc814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89870
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jan 2024 07:25:26 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0KMP6SXSW1&gtm=45je4130v9101195655z871570408&_p=1704785125843&gcd=11l1l1l1l1&dma=0&cid=2123531324.1704785126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704785126&sct=1&seg=0&dl=https%3A%2F%2Fwww.normantranscript.com%2F&dt=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&en=page_view&_fv=1&_ss=1&tfd=2831
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0KMP6SXSW1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.40.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-40-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
8wBdC1fvjthSTrFspxDO4VzVvdAFdrfL
content-encoding
gzip
via
1.1 e8cc67dac801883a467c565f16878d92.cloudfront.net (CloudFront)
date
Tue, 09 Jan 2024 07:12:29 GMT
x-amz-cf-pop
NRT20-C1
age
778
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 09 Oct 2023 16:01:47 GMT
server
AmazonS3
etag
W/"b1f2fbddf3135863ad45acc993d27497"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
O5bq47wlILbHktN3sn84AzjumOdOAUSV8sK1rPwfa9NLc1ERG8ktag==
nLPwoydMoLLFHJokgSzIEFIGLyxBM3H8kif7HwK9KXEvvSLlfsPhnM6QRqiX70RpDoY5NLunpBYuKcWA7SkJ4LBKaUIAYFp-hEHut1g_vJnZJMCh2kcI=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 		1001 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/nLPwoydMoLLFHJokgSzIEFIGLyxBM3H8kif7HwK9KXEvvSLlfsPhnM6QRqiX70RpDoY5NLunpBYuKcWA7SkJ4LBKaUIAYFp-hEHut1g_vJnZJMCh2kcI=s42-p-rj-l68-e365
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
885abd095038d0b26ddf25b2d8dcb7821d1fcf71206af595bd9856b9219eaf89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 05:15:55 GMT
x-content-type-options
nosniff
age
7771
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1001
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=7776000, no-transform
timing-allow-origin
*
expires
Mon, 08 Apr 2024 05:15:55 GMT
YzDxv227MQoR4uz5uj2c0Ye_muXZ3Bz5-57yzNldflXd5TRtkYl8SbWK-wKW05aEHbo9GC_WJ7MZYfaSKHHX3pyehyhGljgbs6LNH-7tfloa_y_WJv9fKA=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/YzDxv227MQoR4uz5uj2c0Ye_muXZ3Bz5-57yzNldflXd5TRtkYl8SbWK-wKW05aEHbo9GC_WJ7MZYfaSKHHX3pyehyhGljgbs6LNH-7tfloa_y_WJv9fKA=s42-p-rj-l68-e365
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f2133ed0543fce742aa776af79c83a913943c27b4e39d8dedcec894581fb010f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 05:21:01 GMT
x-content-type-options
nosniff
age
7465
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1194
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=7776000, no-transform
timing-allow-origin
*
expires
Mon, 08 Apr 2024 05:21:01 GMT
MAohlCgf5BJ3C0fBtuJkluatjm9Nph6XruJmtyK33DiV3b1tJsLxzn7QMbmEBdgponbqoR8zj-YuP6DAUzOg6l0EZoFlHnODMvsf27oNxZGH7rvpZO10HQ=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 		972 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/MAohlCgf5BJ3C0fBtuJkluatjm9Nph6XruJmtyK33DiV3b1tJsLxzn7QMbmEBdgponbqoR8zj-YuP6DAUzOg6l0EZoFlHnODMvsf27oNxZGH7rvpZO10HQ=s42-p-rj-l68-e365
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e99a8b2bb16e002eba81a971ff71f7eabe04c12b03cbadcfd13e3b448a8b4ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 05:11:06 GMT
x-content-type-options
nosniff
age
8060
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
972
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=7776000, no-transform
timing-allow-origin
*
expires
Mon, 08 Apr 2024 05:11:06 GMT
sprite_icons_6dc7d94.png
www.justapinch.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.10.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 22:09:46 GMT
via
1.1 google
last-modified
Fri, 24 Nov 2023 04:30:31 GMT
server
nginx
age
551740
x-who
gcloud-web-2
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22292
expires
Wed, 01 Jan 2025 22:09:46 GMT
tzeJn0FsUUbQ0l-mcDy5RfyNDsxk-sTAZ1lNF3v6uwyevHyG5p-eEJUMUDLz0fWsq_tjoyjFlrh-aoCrk03o2xQhBKXZ=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/tzeJn0FsUUbQ0l-mcDy5RfyNDsxk-sTAZ1lNF3v6uwyevHyG5p-eEJUMUDLz0fWsq_tjoyjFlrh-aoCrk03o2xQhBKXZ=w300-h170-p-rj-l75
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
26dd7e9b07a8f0d0622bb594a9af1f9ba33d65999bec26bc573e1f4c27c9a4a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:48:53 GMT
x-content-type-options
nosniff
age
2193
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19846
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 10 Jan 2024 06:48:53 GMT
E1KT4MfeAVhVMLi-7NN4DvnYz9TT145rkhFbYL0fsbH44KNeLMAKUuwfVkoC1ltMHCV04CHsDh9DFN_Vs8bWdMa8S16kx33YI1zGNffx5A=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/E1KT4MfeAVhVMLi-7NN4DvnYz9TT145rkhFbYL0fsbH44KNeLMAKUuwfVkoC1ltMHCV04CHsDh9DFN_Vs8bWdMa8S16kx33YI1zGNffx5A=w300-h170-p-rj-l75
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b7f7467c6c06a52e49133e22bf159ae2fe9819521717d96c492a5efcbb031e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:47:54 GMT
x-content-type-options
nosniff
age
2252
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13791
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 10 Jan 2024 06:47:54 GMT
Dmd6LVW-hEMfngDf6stnLFUYrUBLJeL2vehRfvlvwCSbfpgjOw89IDZkd7OgT6hvbSzz_kSSqxccA4mBdTCakYYg87zHcQ=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Dmd6LVW-hEMfngDf6stnLFUYrUBLJeL2vehRfvlvwCSbfpgjOw89IDZkd7OgT6hvbSzz_kSSqxccA4mBdTCakYYg87zHcQ=w300-h170-p-rj-l75
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4e20971ca76f3f3491aaaeb9ed361796ced1576fcfb42bda856bdde4070df29b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:39:46 GMT
x-content-type-options
nosniff
age
2740
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12826
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 10 Jan 2024 06:39:46 GMT
gtm.js
www.googletagmanager.com/ 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
949e13f62530b313295b0926a35f686051cf5998af5a7e484fce9849c7a88f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55182
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jan 2024 07:25:26 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=719282103&t=pageview&_s=1&dl=https%3A%2F%2Fwww.normantranscript.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAQCACAAI~&jid=1659455181&gjid=618422148&cid=2123531324.1704785126&tid=UA-54716522-7&_gid=1171950.1704785126&_slc=1&gtm=45He4130n71PDQV3Nv72758733&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.normantranscript.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=768&gcd=11l1l1l1l1&dma=0&z=1383336398
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=2123531324.1704785126&jid=1659455181&gjid=618422148&_gid=1171950.1704785126&_u=YCDAgUABAAQCAGAAI~&z=207540885
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 09 Jan 2024 07:25:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=719282103&t=pageview&_s=1&dl=https%3A%2F%2Fwww.normantranscript.com%2F&ul=en-us&de=UTF-8&dt=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAQCAGAAIAB~&jid=1054487391&gjid=277264185&cid=2123531324.1704785126&tid=UA-3850501-15&_gid=1171950.1704785126&_slc=1&gtm=45He4130n71K8STNVv71570408&cd2=1704785126182.my1e26qd&cd3=2024-01-09T16%3A25%3A26.182%2B09%3A00&gcd=11l1l1l1l1&dma=0&z=1757761016
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3850501-15&cid=2123531324.1704785126&jid=1054487391&gjid=277264185&_gid=1171950.1704785126&_u=YCDAgUABAAQCAGAAIAB~&z=1071480867
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 09 Jan 2024 07:25:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=719282103&t=pageview&_s=1&dl=https%3A%2F%2Fwww.normantranscript.com%2F&ul=en-us&de=UTF-8&dt=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAQCAGAAIAB~&jid=1334283157&gjid=1338911578&cid=2123531324.1704785126&tid=UA-2313981-1&_gid=1171950.1704785126&_slc=1&gtm=45He4130n71K8STNVv71570408&gcd=11l1l1l1l1&dma=0&z=1166248905
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2313981-1&cid=2123531324.1704785126&jid=1334283157&gjid=1338911578&_gid=1171950.1704785126&_u=YCDAgUABAAQCAGAAIAB~&z=530778944
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 09 Jan 2024 07:25:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=719282103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.normantranscript.com%2F&ul=en-us&de=UTF-8&dt=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Section&ea=Load&el=homepage&ev=1&_u=YCDAgUABAAQCAGAAIAB~&jid=&gjid=&cid=2123531324.1704785126&tid=UA-3850501-15&_gid=1171950.1704785126&gtm=45He4130n71K8STNVv71570408&gcd=11l1l1l1l1&dma=0&z=832565373
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 22:58:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30423
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/712559.gif?partner_uid=d213e357-e49b-477e-a56c-7df40e06b16d
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJGQyMTNlMzU3LWU0OWItNDc3ZS1hNTZjLTdkZjQwZTA2YjE2ZBAAGg0I5unzrAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0c1648657875c6306212d3ef449ee5e03516a293c5344ffed214c5d7feaea2c9791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwYzE2NDg2NTc4NzVjNjMwNjIxMmQzZWY0NDllZTVlMDM1MTZhMjkzYzUzNDRmZmVkMjE0YzVkN2ZlYWVhMmM5NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwYzE2NDg2NTc4NzVjNjMwNjIxMmQzZWY0NDllZTVlMDM1MTZhMjkzYzUzNDRmZmVkMjE0YzVkN2ZlYWVhMmM5NzkxNDI2YjU0MTdkY2UyMRAAGgwI5unzrAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=847d2774-5191-4ab3-991e-b90b9f0eb740
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=847d2774-5191-4ab3-991e-b90b9f0eb740
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 09 Jan 2024 07:25:27 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=847d2774-5191-4ab3-991e-b90b9f0eb740
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
1449.jsx
cdn-p.cityspark.com/wid/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/wid/1449.jsx?b=1704785126418&on=aHR0cHM6Ly93d3cubm9ybWFudHJhbnNjcmlwdC5jb20v&callback=jsonp1449
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b9c73af1d7ce6deb846fea3f08ad7c0c7cdb591d3389944c2b8e75d7c90b0b7e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 09 Jan 2024 09:25:26 GMT
date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
strict-transport-security
max-age=0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
ajs-destination.bundle.13362ca512563a10e34d.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.40.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-40-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:08:38 GMT
x-amz-version-id
p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding
br
via
1.1 4da2bc835e000996f0b384c9db0412cc.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
4702609
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 15 Nov 2023 20:12:01 GMT
server
AmazonS3
etag
W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
q4ghxxkazWckQB5IsGJob3io1Kh_mEIyercpRVAp0QBr3m9X5pNePQ==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.40.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-40-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 08:14:40 GMT
x-amz-version-id
nmmjrJ5kSBzgea7DgNlVWuS7gPlyPng_
content-encoding
br
via
1.1 4da2bc835e000996f0b384c9db0412cc.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
5785847
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 03 Nov 2023 08:06:50 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
drWEwCuyR-AYYwiwEi8ES7o_6PZZzrdeseQ1jjr0dWAwllN4MrTKzw==
collect
analytics.google.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4130v887101457z8861227858&_p=1704785125843&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2123531324.1704785126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&dl=https%3A%2F%2Fwww.normantranscript.com%2F&sid=1704785126&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.normantranscript.com%2F&epn.townnews_crm_group_id=13&ep.generator=BLOX&ep.generator_version=1.72.4&tfd=2943
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=2123531324.1704785126&gtm=45je4130v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=2123531324.1704785126&gtm=45je4130v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1&z=376014608
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-66.nrt20.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
via
1.1 a4bb14f10759ac627f121fe429448a42.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.normantranscript.com
access-control-allow-credentials
true
x-amz-cf-id
-w3cHyvAmDLlmRc67y3o62wuq2J-g_Ey8GUzS3-mIVTdv6H-J6uTNA==
p
api.segment.io/v1/ 		21 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-151-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.normantranscript.com
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
js
www.googletagmanager.com/gtag/ Frame CC4C 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b19687dfccddb020d5dfe9645e3e4ae12758d1fdefefd7cd6ef53ad378fcec3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80773
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jan 2024 07:25:26 GMT
WidgetTemplate.min.css
cdn-p.cityspark.com/cdn/widget/ Frame CC4C 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66e7656dc57ecf05b433ebae0948744b817616f643cc85099147f0cf89f21bba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 09 Jan 2024 09:25:26 GMT
date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 08 Dec 2023 19:36:08 GMT
server
Microsoft-IIS/10.0
etag
"1da2a0dca6e2185"
x-powered-by
ASP.NET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
angular.min.js
cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/ Frame CC4C 		233 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 07:25:26 GMT
age
2241219
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
84345
x-served-by
cache-fra-eddf8230123-FRA, cache-nrt-rjtf7700066-NRT
etag
W/"3a3d1-mQhO7M4PisJK9aOZxo7KSLWf0fo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
widgetcombined2.min.js
cdn-p.cityspark.com/cdn/widget/ Frame CC4C 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/widget/widgetcombined2.min.js?v=11
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 09 Jan 2024 09:25:26 GMT
date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b701231"
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame CC4C 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
truncated
/ Frame CC4C 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
icomoon.woff
cdn-p.cityspark.com/cdn/widget/fonts/ Frame CC4C 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/widget/fonts/icomoon.woff?-35bf
Requested by
Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Origin
https://www.normantranscript.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 09 Jan 2024 09:25:26 GMT
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b700e5c"
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=7200
accept-ranges
bytes
content-length
2012
x-proxy-cache
HIT
ajax-loader.gif
cdn-p.cityspark.com/cdn/widget/ Frame CC4C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-p.cityspark.com/cdn/widget/ajax-loader.gif
Requested by
Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 09 Jan 2024 09:25:26 GMT
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b7019d2"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7200
accept-ranges
bytes
content-length
4178
x-proxy-cache
HIT
8I8A9l64kE21tehPhZrVtA.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/8I8A9l64kE21tehPhZrVtA.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e88f4cfa08aa00ee532ce905e24cd09b775c0617ca822210747e8fa52e8664e8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
avaZzWaPxX3t9iZDQjZpEQ==
content-length
212672
x-ms-lease-status
unlocked
last-modified
Sat, 09 Sep 2023 08:37:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBB1100E7655BD
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
07f873fe-801e-0078-7361-1e9e49000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
OWT1y0Red0SoF1Y5kyLssw.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/OWT1y0Red0SoF1Y5kyLssw.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
163cebeaefb32392ad45d89fe283332c010549639467fc75b2a720a23ffe6d43
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
M+H0CjMNXwORJv/wPairBQ==
content-length
3802
x-ms-lease-status
unlocked
last-modified
Sun, 25 Jun 2023 00:27:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB7512E7DD9C3E
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
53923a35-601e-0070-3c73-1f8446000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
aRLbiJ9rs0eB72H2qEZw4g.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/aRLbiJ9rs0eB72H2qEZw4g.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
66d155b879d2692f6967e60ba36158650bbe309b57da05d3966248f6050b5b81
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
pVeMLuOzj4k0VpLCuhNm1g==
content-length
4822
x-ms-lease-status
unlocked
last-modified
Tue, 07 Nov 2023 17:48:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBDFB9B175CA78
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
754c5e7c-f01e-004d-803a-2cf25d000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
PQg44BKISkmXRnHTOykTXw.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/PQg44BKISkmXRnHTOykTXw.medium.jpg
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ccd5b61e7f52bc9216c948f99825c6f6fdc8510dc8e6169f217bbb5e1f9b81a1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
KbAnuPW18JyLc7yGaIdf5A==
content-length
47987
x-ms-lease-status
unlocked
last-modified
Thu, 23 Nov 2023 19:25:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBEC59E6718713
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
7deadc61-601e-005f-5276-31898d000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
fZSESUbKHUi2mV2XahxOAA.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/fZSESUbKHUi2mV2XahxOAA.medium.jpg
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
eda805dc6626b5deba39b024011953c9abe5082dcb897e2b03ce5ab2946777b3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
hV+u35w/jO8TXhdP4XOfRA==
content-length
24577
x-ms-lease-status
unlocked
last-modified
Mon, 18 Dec 2023 21:53:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC0013D57230CD
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
e38c2203-701e-0031-6621-32dca2000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
NSjcYet9DkW9GwlJPaNKfQ.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/NSjcYet9DkW9GwlJPaNKfQ.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a7b17783fd3d49f11aae189304333e7dd6405d8e60102e3022b5c23f3cf9dca0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
AMTMQRLT//46HB7I+8zsSQ==
content-length
170337
x-ms-lease-status
unlocked
last-modified
Fri, 15 Dec 2023 12:55:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBFD6D2A7FBA61
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
76c3e675-001e-0076-5c04-39b7f9000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
bgna2kZ-UUy_SIdJdAMh4A.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/bgna2kZ-UUy_SIdJdAMh4A.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aba1ce5341ce84b5199ebbc58553591f717bfb073b347c0b727567d897d19bd3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
ma44s5aNh4JT1Fk9VlJDWg==
content-length
132446
x-ms-lease-status
unlocked
last-modified
Fri, 08 Dec 2023 06:24:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBF7B646CB6DF6
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
561aa6ee-a01e-0040-5008-393a89000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
lF-CrtGJwkmLBeQZvDSlng.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/lF-CrtGJwkmLBeQZvDSlng.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cc6e5734072f66432efad80d834dd3cde9ec56d233c170a1bb382b732fe74ead
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
GfflkCDO+Q80xWeMMrfkYQ==
content-length
143461
x-ms-lease-status
unlocked
last-modified
Sat, 09 Sep 2023 08:37:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBB1100F39D6CC
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
f3a76488-401e-0015-24c9-1e2a02000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
WR9LZtFFR0S6igRV6-hEzQ.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/WR9LZtFFR0S6igRV6-hEzQ.medium.jpg
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18fb162102a2c652e37038cb260f3df0620ac41dca46ffa7f63ec53fef6a92c8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
ZReWKHgGbw74n1YpuXdaug==
content-length
35120
x-ms-lease-status
unlocked
last-modified
Tue, 19 Dec 2023 03:00:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC003E98E8DC56
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
7877c9db-301e-0030-27de-33837e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
lCmfx48KM0S-yvBQpr6toQ.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/lCmfx48KM0S-yvBQpr6toQ.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
698fe2efc10b4b26dfef0265968c4ef6f11f8e902934fda1f9b242874cada90b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
fFogPKTdeGkLesc/Dg/4tg==
content-length
198373
x-ms-lease-status
unlocked
last-modified
Tue, 21 Nov 2023 00:46:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBEA2B577AD723
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
acb25522-901e-0074-40c0-1f0941000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
aa5bfa61-658d-4e5c-8c9b-146f36f52107.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/aa5bfa61-658d-4e5c-8c9b-146f36f52107.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f629522460d3571c15128bc851095794b7e587d98b6bf31ccc15a7afc1e7c000
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
/3qSaxoDCRLXTGI0D1OThQ==
content-length
106813
x-ms-lease-status
unlocked
last-modified
Fri, 18 Oct 2013 00:36:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D099B127F9B09F
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
0df33ea0-c01e-0056-4238-f5cc5e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
0lt9gUbuoUaieboWowzV4w.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/0lt9gUbuoUaieboWowzV4w.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d985831880b545602ce6024aea996faaecaae7452c840ab45ff427083b7251cc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
68B4gfq/4YlT/HvyAjyAjg==
content-length
3595
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:31:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC0D6C810DE982
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
87fc19a4-801e-0047-1767-3f56ea000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
c3ab6a6e-cce4-4cd5-9a06-5b881b93894e.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/c3ab6a6e-cce4-4cd5-9a06-5b881b93894e.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4b70b6b73e26c213b3c79ccddbce2ac9fac27d4c047963f2b84816c828b1ab0f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
M7u08c1fE9fnewJXl44TIw==
content-length
55922
x-ms-lease-status
unlocked
last-modified
Fri, 18 Oct 2013 00:52:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D099B363C0CCB3
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
aaf6107d-901e-0074-4e94-280941000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
2d041618-a4c8-4cad-9abb-b4dd089182a5.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/2d041618-a4c8-4cad-9abb-b4dd089182a5.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b50a4b9bfb96a776b168e0fa287f80d268eddebf56355685ff316772db90398e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
wdhyWHEvV2fOzrTbS+ZTqg==
content-length
118106
x-ms-lease-status
unlocked
last-modified
Fri, 18 Oct 2013 08:01:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D099EF52A0C282
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
21bfe4bc-b01e-003e-3fe5-35aace000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
9587fbe0-2248-421c-91ba-c80c07c0bcc8.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame CC4C 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/9587fbe0-2248-421c-91ba-c80c07c0bcc8.medium.png
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
45348bc8e86424e6810773fa6a3fb6e3564d85aeaf5ac106a785005f2ffe0131
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=0
content-md5
wxtDR2b2uvpZRxbOVQS4eQ==
content-length
124508
x-ms-lease-status
unlocked
last-modified
Sun, 11 May 2014 22:54:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D13B8329D401D9
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
4692ed9a-001e-0066-1c70-287291000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Thu, 11 Jan 2024 07:25:26 GMT
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame CC4C 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
50a6bf9e-2e04-48d8-9da3-bf7857460c69
config.aps.amazon-adsystem.com/configs/ 		564 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/50a6bf9e-2e04-48d8-9da3-bf7857460c69
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-87.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
355a18fb2a2fadb1e1f9105046645857414a05674a949f464f72cea8d5ffbc06

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:39:47 GMT
via
1.1 f67b404dafeed4f2768866a5304e91b2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT12-C2
age
2739
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
ymxvasT6fvImRT6PrI75toAlSq0USAxiZOrZoezf6mFE6cjseyb0Sw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.normantranscript.com&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.170.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-170-54.nrt12.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 02:30:02 GMT
via
1.1 5937fca00485f2f0f4c9df4dd6632614.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT12-C3
age
17723
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.normantranscript.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
TZa6cgHBaJUG4GARgTm6XTbOmHQhiRMjDBN5bvKdgFtXd20GmQfDVA==
rules-p-eb6rW8CarLDWY.js
rules.quantcount.com/ 		160 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-eb6rW8CarLDWY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2066:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:17:37 GMT
via
1.1 0105a4369151fac4adac04600c77e566.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C5
age
470
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 16:26:57 GMT
server
AmazonS3
etag
"ea52eb301590b357d6e197d77eac3ab0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
2yGk9mh04OnnAiP1kCvsMGDY1W4WI1DTxT7p6CEL76ytIrdHZf32Gw==
J9oVQ43j22g
www.youtube.com/embed/ Frame 188B 		93 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82962e8c8a6f3e66956446a352aca8fd7a486e40f507a8efbea55e29e00dac53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 07:25:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/normantranscript.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 09 Jan 2024 07:25:26 GMT
659c5e1f650bf.preview.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/3/b6/3b60256e-9a8d-5698-b1a9-0f111ad4731e/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/3/b6/3b60256e-9a8d-5698-b1a9-0f111ad4731e/659c5e1f650bf.preview.jpg?resize=156%2C200
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbec58b96bf733df6bd682cfc5de88c9cd2e6d5bf8b7354334400a9cfecc785
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=5600
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="659c5e1f650bf.webp"
content-length
5096
cf-bgj
imgq:85,h2pri
last-modified
Mon, 08 Jan 2024 20:42:07 GMT
server
cloudflare
x-vcache
MISS
etag
"ebbe22ded010e7c336fcf87264a2d0aa"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af241ffa7afc7-NRT
expires
Tue, 07 Jan 2025 20:49:14 GMT
6599dd110ad87.preview.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/6/01/6013f269-def0-5e28-b079-28fa4552fbc4/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/6/01/6013f269-def0-5e28-b079-28fa4552fbc4/6599dd110ad87.preview.jpg?resize=155%2C200
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5217f89b1e314cb675e0ab6f682307406ce503ffc175b3974188691ae573fba
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
161903
cf-polished
qual=85, origFmt=jpeg, origSize=5925
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6599dd110ad87.webp"
cf-bgj
imgq:85,h2pri
last-modified
Sat, 06 Jan 2024 23:06:57 GMT
server
cloudflare
x-vcache
MISS
etag
"2241fa3977673979453c41579f3bf927"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
842af241ffacafc7-NRT
expires
Sun, 05 Jan 2025 23:13:42 GMT
6599dd11f01b5.preview.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/9/99/999d038d-6842-583e-bee7-9bb636afd1b2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/9/99/999d038d-6842-583e-bee7-9bb636afd1b2/6599dd11f01b5.preview.jpg?resize=156%2C200
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc46cc9f9487c7f546ad49445500404b4a5e618da338164b7f4e2da60b627d0a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=8721, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
8582
cf-bgj
imgq:85,h2pri
last-modified
Sat, 06 Jan 2024 23:06:58 GMT
server
cloudflare
x-vcache
MISS
etag
"1b5db45250f7934c237c202a60882d5d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af241ffaeafc7-NRT
expires
Sun, 05 Jan 2025 23:13:42 GMT
65972f53d6e7d.preview.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/2/a9/2a9a5722-59d2-51fb-b482-3d4fbdd255f7/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/2/a9/2a9a5722-59d2-51fb-b482-3d4fbdd255f7/65972f53d6e7d.preview.jpg?resize=151%2C200
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e6606b439e178ee697a783de0b3dd9d05aec5fa3ce69956881cf6bc5d310201
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=6215, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
6032
cf-bgj
imgq:85,h2pri
last-modified
Thu, 04 Jan 2024 22:21:08 GMT
server
cloudflare
x-vcache
MISS
etag
"d33a8b55e780430f2825aa341561e227"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af241ffb1afc7-NRT
expires
Fri, 03 Jan 2025 22:23:51 GMT
65966e2434eda.preview.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/b/ab/babcbfcd-7d32-52b8-8e21-c440a41a0ddb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/b/ab/babcbfcd-7d32-52b8-8e21-c440a41a0ddb/65966e2434eda.preview.jpg?resize=140%2C200
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1be31d0e6163ca9064822b0ca7103f7281905197bc443e7e7976a983facae94
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=4743
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="65966e2434eda.webp"
content-length
4024
cf-bgj
imgq:85,h2pri
last-modified
Thu, 04 Jan 2024 08:36:52 GMT
server
cloudflare
x-vcache
HIT
etag
"ab274faa3062fcf07e3c441ba89e53dc"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af241ffb3afc7-NRT
expires
Fri, 03 Jan 2025 08:46:53 GMT
truncated
/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c15de2b5340a556c099e0154a767d50bd42c3713fe89bd5c2369def7d93767bf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
img/png
collect
www.google-analytics.com/g/ Frame CC4C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je4130v9122458175&_p=1704785126537&gcd=11l1l1l1l1&dma=0&cid=200918507.1704785127&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fwidget%2Fthenormantranscript%2F1449%2FNorman%20Transcript%20Events%2F2a13a1083a49a%2F&sid=1704785126&sct=1&seg=0&dl=https%3A%2F%2Fwww.normantranscript.com%2F&dr=https%3A%2F%2Fwww.normantranscript.com%2F&dt=WidgetTemplate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page_hostname=p.cityspark.com&tfd=232
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
api.viafoura.co/v2/www.normantranscript.com/bootstrap/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.normantranscript.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4846:1f:94ea:f868:81bf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
77530470f30a86f2d41db8e9482dd4f0425445e9e2c8c80f68744070c6d98dbb

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-instance-id
i-0472b46e6b46a203e
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 09 Jan 2024 07:25:27 GMT
www-player.css
www.youtube.com/s/player/4fd50162/ Frame 188B 		358 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fd50162/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 05:31:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
93254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47439
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 02:44:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 07 Jan 2025 05:31:12 GMT
embed.js
www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/ Frame 188B 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
095b1ef40bb7748f61e916b607ea03ed8ba6675219789a0b07f7b9ed3c26555b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 08:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
514856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16528
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 02:44:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 02 Jan 2025 08:24:30 GMT
www-embed-player.js
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 188B 		322 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 08:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
514856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98534
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 02:44:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 02 Jan 2025 08:24:30 GMT
base.js
www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/ Frame 188B 		2 MB
772 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
352b2a476b02629ee9b7c5eac9e330956540025df13c88698ad925af49de5b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 08:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
514856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
790224
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 02:44:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 02 Jan 2025 08:24:30 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		195 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.normantranscript.com%2F&pid=b12PsA4jrK5ZT&cb=0&ws=1600x1200&v=23.1211.1645&t=1200&slots=%5B%7B%22sd%22%3A%22adb_leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22thenormantranscript%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_mediumRectangle_btf1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22thenormantranscript%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_mediumRectangle_atf%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22thenormantranscript%2Ftotalaudience%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.201.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-201-30.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
80d965eb342fe979d3ba43adb9b68475485c814c7f6309922692b2af09845d69

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
via
1.1 26fbf72f65adab1c08d1a9eed7e17cae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P3
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.normantranscript.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
195
x-amz-cf-id
O9HYeUKTAtqVDKqPpVg5ynOTaYTYp-FQjb1Xw0BaT1anPYO0S3F85Q==
error
pixel.quantcount.com/tag/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.quantcount.com/tag/error
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:6c50:dbee:bef5:203d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 07:25:27 GMT
access-control-allow-headers
Accept, Accept-Language, Content-Type, Content-Language
content-length
0
access-control-allow-methods
POST, OPTIONS
pixel;r=1882820645;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.normantranscript.com%2F;uht=2;fpan=1;fpa=P0-1822333331-1704785126657;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1882820645;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.normantranscript.com%2F;uht=2;fpan=1;fpa=P0-1822333331-1704785126657;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=normantranscript.com;dst=0;et=1704785126819;tzo=-540;ogl=type.website%2Curl.https%3A%2F%2Fwww%252Enormantranscript%252Ecom%2F%2Cimage.https%3A%2F%2Fbloximages%252Echicago2%252Evip%252Etownnews%252Ecom%2Fnormantranscript%252Ecom%2Fcontent%2Ftncms%2F%2Cimage%3Awidth.600%2Cimage%3Aheight.319%2Ctitle.normantranscript%252Ecom%20%7C%20my%20paper%252C%20my%20town%2Csite_name.Norman%20Transcript;ses=bf019db2-b93e-4a24-8f14-28c443f01e9d;mdl=
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 08:26:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
514763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68492
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 02:44:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 02 Jan 2025 08:26:03 GMT
/
adspsp.com/pt/1710310/1/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/1/2/?a=2,a2lr611qegPHxdYpLFAE,7S9I3Z5wjH&aa=01CihRyu.gN&b=1//3-2^k8`2i.qy`6y:4@540161672^k8`2i.qy`6y,5@11747827^k8`2i.qy`6y,6@6708^k8`2i,10@206470^k8`2i,33@kweVjHUGArBG6hf26MQludWF^qy`6y,33@Wzw8PTIjiCweyzaXnMKNHN27^k8`2i_5^8c`6y.8c`go:4@540161676^8c`6y,5@11747850^8c`6y,10@206473^8c`6y,33@QelwClNwBTEkTmmySB7CPYkI^8c`6y_4^8c`6y.8c`go:4@540161675^8c`6y.8c`go,5@11747838^8c`6y.8c`go,6@6708^8c`go,10@206472^8c`6y,10@206472^8c`go,33@0rzKSepXgqC5dUuQI3ZJy4I0^8c`go,33@6dS25Ty7ddFE8mVv0Zcann5W^8c`6y&bu=U296dd8e7ef475d,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&bu=U32f8fc4e0e8369,adb_mediumRectangle_btf1,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&bu=U4ff9017041e222,adb_mediumRectangle_atf,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.normantranscript.com%2F&d=&f=1.lr611o05.1T1vg&g=1T2jw&u=f0278789:lim1hwav:3i2&v=18g.xc.0.6po.1.0&m=z&rnd=1704785126834
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.196.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-196-6.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
v1
btlr.sharethrough.com/universal/ 		496 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
da6e09b9db1512aa3e0dda1cae911c3283ba82cf1036e0f42db5f0272c50e9ae

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
306
v1
btlr.sharethrough.com/universal/ 		486 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
edabefc4a9829f06cc7de4af3f3e73eaca127a1a5bba26870446c23c6b10197c

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
305
v1
btlr.sharethrough.com/universal/ 		760 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
cabe9557308e3a13eae86f2b87be762fe34e5de0d1bf0a18f65d156d1df781b5

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
453
v1
btlr.sharethrough.com/universal/ 		633 B
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6aa494447f3b0b73a05eb32e516d4ae9cd74a39d5c27a2aaeec627c82e0299ef

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
409
v1
btlr.sharethrough.com/universal/ 		571 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
d5b384efea0a5a1a7ac9274d542c7ca9592c7665d1e16b067f801caa957e3a7d

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
376
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=206470
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecfa0f1a6b047f7b62901c8292d5ab6a29b5327acdc0a1cc2b05b7f1cbb2b4be

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4VJw2HyEa0Jr%2Bd%2Bl%2BG%2BzI93GoJyezwjR%2BdBe58x5c4zV8a7XtkWRWOY1teqkhojqJxee2YegUM%2B5Sprqs3iCjJJowl4sQbiR0krUCTSIcXuLAsCKEfLz7v4IfqeSvY%2BFe69470x"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
842af242cdeaaffd-NRT
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
cdb
bidder.criteo.com/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=16813899654&lsavail=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.normantranscript.com
date
Tue, 09 Jan 2024 07:25:26 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
arj
cnhi-d.openx.net/w/1.0/ 		175 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cnhi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.normantranscript.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-540&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=956f6c18-124f-40b3-aa93-f90246528beb%2C37a969b0-705f-4a13-bd4b-c351330dc7cb%2C164692f6-607d-4a56-8b44-c992df4c5fad&nocache=1704785126840&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D&gdpr_consent=&gdpr=0&aus=728x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600&divids=adb_leaderboard_atf%2Cadb_mediumRectangle_btf1%2Cadb_mediumRectangle_atf&aucs=%252F9869277%252Fcnhi%252Fthenormantranscript%252Ftotalaudience%2523adb_leaderboard_atf%2C%252F9869277%252Fcnhi%252Fthenormantranscript%252Ftotalaudience%2523adb_mediumRectangle_btf1%2C%252F9869277%252Fcnhi%252Fthenormantranscript%252Ftotalaudience%2523adb_mediumRectangle_atf&auid=540161672%2C540161676%2C540161675&aumfs=50%2C50%2C50
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
55b133a4c0c031b61df5e33c9d3dc5845590ed3cc4ff4eee80a47f0705a00b5d

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		366 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9e376f2f667dc414fbb123cc230df7ec0f4633ef0c8eb360e973d65988c9bfc3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:27 GMT
an-x-request-uuid
077080b8-9cb9-44a9-a526-475f12ce925a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
366
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=pqxovk&adnum=492471
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2163:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1
age
2469344
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
v3l_1tytH23qZYx_bT1gFzB4dnr1w0HHisLz0KAKwCJKfpoFossz4A==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=cnhi.com&p=%2F&u=CY8f12CKAhu9IEX5o&d=normantranscript.com&g=34377&g0=thenormantranscript&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9165&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.normantranscript.com%2F&b=3395&t=DJ-osaInbWvC6b3IenNv-dNnVOJ&V=143&i=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&tz=-540&sn=1&sv=D7ybVvCipF7ttscp0hwYtvBo39EE&sr=external&sd=1&im=061b2ffa&_
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.83.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-83-82.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:27 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
id
googleads.g.doubleclick.net/pagead/ Frame 188B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H2
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11b82cecfd07afec721855a27971b252588132cdaa39cba64f8f3487e00bb177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:27 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 188B 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:15:51 GMT
x-content-type-options
nosniff
age
576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Jan 2024 07:30:51 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 09 Jan 2024 07:25:27 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 188B 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4102ae3280be0b8e48f58421b5fe7ca55835bb2ecdc2844c36420a4df081fa87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41003
x-xss-protection
0
remote.js
www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/ Frame 188B 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf8d3fa14b5d47adf87dd8d04c38bc21ed32ee69120e25bc97ba9e051a150c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 08:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
514856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33721
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 02:44:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 02 Jan 2025 08:24:31 GMT
sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
www.google.com/js/th/ Frame 188B 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 07:26:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
518328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19840
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 07:26:39 GMT
sddefault.webp
i.ytimg.com/vi_webp/J9oVQ43j22g/ Frame 188B 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/J9oVQ43j22g/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2016 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cd38dba0d957333cd373f3720f3c464ae4f11e7b4a4b05f336307badc85b1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:10:30 GMT
x-content-type-options
nosniff
age
897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18898
x-xss-protection
0
server
sffe
etag
"1704173927"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jan 2024 09:10:30 GMT
liveView.php
live.primis.tech/live/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0aef24482aa52dfa1ffd5b0ff672eb4720c79d551b24ebdb00e333b4a4d9c351

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
via
1.1 9bd7c2eb9edb3030488f847c2b13f76c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
KIX50-P2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
He2Rb6DwjWDmqItia_STy_wLhXfUfbqt4a7s0JUwXORZu2MczCdOMw==
config.js
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 		126 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f81e0dddd996992e9b1eef330fa1dd556d2336c6eee267ebc1ff0b7c585f42a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 07:13:19 GMT
server
cloudflare
x-amz-request-id
AB2E59P2RMMP7RBW
age
658
etag
W/"ed8be615b788beab3ecb50f3827bf5be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
842af2445d09afca-NRT
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uBCSg3bAZUJUMZ2rRfl3BMydaYCOBbXVyy40ucg7iOynMY7fXVhe+jyW2HEcYMxy01iyNBU3Yu4=
truncated
/ Frame 188B 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
kBWBJS7FpLYLbaH24ySn9lBx5UkjOEOPgmbbcAeHtYIVW2BFaZ01ZAZjnRpRcRQcRVUHUUKT=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 188B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/kBWBJS7FpLYLbaH24ySn9lBx5UkjOEOPgmbbcAeHtYIVW2BFaZ01ZAZjnRpRcRQcRVUHUUKT=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
68d87b31fdd2f187a610cd3d2be726163098788393b36fcd86c6a857d2f6c6f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 04:20:16 GMT
x-content-type-options
nosniff
age
11111
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4689
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 10 Jan 2024 04:20:16 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 188B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 06:58:31 GMT
x-content-type-options
nosniff
age
347216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 06:58:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 188B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 23:16:56 GMT
x-content-type-options
nosniff
age
374911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 23:16:56 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		195 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.normantranscript.com%2F&pid=b12PsA4jrK5ZT&cb=1&ws=1600x1200&v=23.1211.1645&t=1200&slots=%5B%7B%22sd%22%3A%22adb_mediumRectangle_btf2_flex%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22thenormantranscript%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_leaderboard_mid%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22thenormantranscript%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_mediumRectangle_btf3_flex%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22thenormantranscript%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22thenormantranscript%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_floorboard%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22thenormantranscript%2Frichmedia%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.201.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-201-30.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
34d3c6a74f2f31ebc5f688af092fa4e6c55f6951e3a5e92e264589b6b1d4af3b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
via
1.1 26fbf72f65adab1c08d1a9eed7e17cae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P3
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.normantranscript.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
195
x-amz-cf-id
l_Nf8bwvMGBe8wrTKZlP23Q-BZceuYjdreBNBVWO8FEFSormCwF4eQ==
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 09 Jan 2024 07:25:27 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 188B 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9aa6d9a63772c706b73ddbad4fdbe60f9c9bf2c5592a25880e85b48a4a4ba287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
/
adspsp.com/pt/1710310/1/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/1/2/?a=2,a2lr611qegPHxdYpLFAE,7S9I3Z5wjH&aa=01CihRyu.gN&b=2//5-6^8c`6y.8c`go:4@540161677^8c`6y,5@11747857^8c`6y,10@206474^8c`6y,33@RdDNDHspumwjeZ0rUNnd0pI3^8c`6y_14^k8`2i.qy`6y:4@540161674^k8`2i.qy`6y,5@12812950^k8`2i.qy`6y,6@6708^k8`2i,6@6708^qy`6y,10@213819^k8`2i,10@213819^qy`6y,33@ccVECva4DSFcmufUCsC4hRze^qy`6y,33@RhAhHL3X0jLoZaEznwQUyb71^k8`2i,172@CNHI^k8`2i.qy`6y_7^8c`6y.8c`go:4@540161678^8c`6y.8c`go,5@11747862^8c`6y.8c`go,6@6708^8c`go,10@206475^8c`6y,10@206475^8c`go,33@dud0WW7nNOo36hYmTXQelFuy^8c`6y,33@GHSbYsaobKCFcdXjiEKcq6Z3^8c`go_3^k8`2i:4@540161673^k8`2i,5@11747832^k8`2i,6@6708^k8`2i,6@6708^qy`6y,10@206471^k8`2i,10@206471^qy`6y,33@PDDWminnzbApknGlqgkxpZCm^k8`2i,172@CNHI^k8`2i_11^qy`2i.k8`2i:4@540327076^qy`2i.k8`2i,5@11908123^qy`2i.k8`2i,6@6708^k8`2i,6@6708^qy`2i,10@302372^k8`2i,10@302373^qy`2i,33@4toHxb5i3eKGPsfolJ10gLL8^k8`2i,33@ZKnbpUBWqDmzqbvOMugL6P14^qy`2i&bu=U437129712f5ca35,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&bu=U466a466e8718a55,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&bu=U47b5bcee3def621,adb_mediumRectangle_btf3_flex,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&bu=U486e41c87c3e4d1,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&bu=U49dc833a349efc1,adb_floorboard,%2F9869277%2Fcnhi%2Fthenormantranscript%2Frichmedia&e=&c=https%3A%2F%2Fwww.normantranscript.com%2F&d=&f=1.lr611o05.1T1vg.2T2k7&g=2T2v5&u=f0278789:lim1hwav:3i2&v=18g.xc.0.6zs.1.0&m=z&rnd=1704785127238
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.196.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-196-6.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
prebid
bids.concert.io/bids/ 		22 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.concert.io/bids/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.126.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.126.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
x-lat-long
35.609197,139.730336
x-powered-by
Express
x-region
JP
x-city
Shinagawa City
x-cipher-suite
1301
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-response-time
732.336ms
x-tls-version
TLSv1.3
server
Google Frontend
etag
W/"16-6cDG702lpKxhI09DG03JuPCfUBY"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
x-cloud-trace-context
56ff37aae5ab25ddec05ad2a3f6c30ac/10141800631695121122
access-control-allow-credentials
true
x-region-subdivision
JP13
pbjs
htlb.casalemedia.com/openrtb/ 		39 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=206474
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ac5edcb9ae69565b769808cfe4eac00defaf66a6f15f07cc9092c77ef1b3526

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcNNQ7tG3T49vrcnJ7eX5pDYpOmd9pJ8NofbWhd4hDYxyDU69xy9fbGrOwAcIUGcvLgpaEREdEPUVKY8S6yWNy3naQyWfuR3kP6aVtK1IgpJ00xxSFX6xMQ51pkQ7tRz1%2FTPd4L9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
842af24548bcaffd-NRT
alt-svc
h3=":443"; ma=86400
content-length
39
expires
0
arj
cnhi-d.openx.net/w/1.0/ 		175 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cnhi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.normantranscript.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-540&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2b0f3c25-cad1-451f-a925-5c6daabc465e%2C4f97aae6-3aef-4cf5-9f31-6b8d7ad59a6c%2Cf819646d-71d3-44f3-a66d-5c800c442714%2C5ec92cfb-624a-4d6d-9868-783b5496641d%2Cdd4bcdcd-fa32-422d-91f7-1e5b5b42a0f5&nocache=1704785127242&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D&gdpr_consent=&gdpr=0&aus=300x250%2C300x600%7C728x90%2C970x250%7C300x250%2C300x600%7C728x90%7C970x90%2C728x90&divids=adb_mediumRectangle_btf2_flex%2Cadb_leaderboard_mid%2Cadb_mediumRectangle_btf3_flex%2Cadb_leaderboard_btf%2Cadb_floorboard&aucs=%252F9869277%252Fcnhi%252Fthenormantranscript%252Ftotalaudience%2523adb_mediumRectangle_btf2_flex%2C%252F9869277%252Fcnhi%252Fthenormantranscript%252Ftotalaudience%2523adb_leaderboard_mid%2C%252F9869277%252Fcnhi%252Fthenormantranscript%252Ftotalaudience%2523adb_mediumRectangle_btf3_flex%2C%252F9869277%252Fcnhi%252Fthenormantranscript%252Ftotalaudience%2523adb_leaderboard_btf%2C%252F9869277%252Fcnhi%252Fthenormantranscript%252Frichmedia%2523adb_floorboard&auid=540161677%2C540161674%2C540161678%2C540161673%2C540327076&aumfs=50%2C50%2C50%2C50%2C50
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2fbc10e16e9384c6f4b0fa46680c89b8d73f5c272ebae1758d70a85bc696ce2e

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		594 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
95a489fbeb19799c23f7e1eaf7a33dfb5b11e9d84aea469183532ce37e6afb37
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
an-x-request-uuid
405a5bad-d17c-4838-a933-b94d0431188a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		643 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
211210d86c4464e05cff3fd6e81bdabc01f867f421b58dae107e303eaf729f1d

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
406
v1
btlr.sharethrough.com/universal/ 		619 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
fb9a1063cffa29e113b1cedbe8b0dd20fe7ca44e016828775893dba977014e50

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
394
v1
btlr.sharethrough.com/universal/ 		585 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8e429746559df6094ea6f6f9df774073a22685d233877a00867550317cd21577

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
382
v1
btlr.sharethrough.com/universal/ 		498 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1ba6f98b55dbd4daee23962aeff7775ed48ede7d12d8134dabae34a4d88b088c

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
313
v1
btlr.sharethrough.com/universal/ 		551 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b5e658cbfac283a4d47e96d45ce03e0b2a7d71f2b4e33f9109ce6d2357d51c2f

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
341
v1
btlr.sharethrough.com/universal/ 		439 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c9a5dae3162a4eb28317f33c2f3c4272c24c88a6a072a75e638b5f9573442893

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
280
v1
btlr.sharethrough.com/universal/ 		508 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
28ec26c776da41d6544fbe506dcad63aae6519f8b46ad0b9c9964560bd55aabd

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
343
v1
btlr.sharethrough.com/universal/ 		417 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.117.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-117-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
59f8712d636ce9a4925aa0f58d97dd89715441e4d01caf74ddbbc6262dd228ad

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
277
cdb
bidder.criteo.com/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=25922539064&lsavail=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.normantranscript.com
date
Tue, 09 Jan 2024 07:25:27 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
iu3
s.amazon-adsystem.com/ Frame 9217
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&dcc=t
365 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
277f75dffe72f9c7a8e666c710bc932d1675da3329854edd9d86545c748d934c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
365
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 09 Jan 2024 07:25:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N2HS7R893FS2YKMBSD23

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 07:25:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YMTN67X9M5ZGPPAT3PTP
ads
securepubads.g.doubleclick.net/gampad/ 		142 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=106974496560352&correlator=4351546556738601&eid=31077976%2C31080297&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cthenormantranscript%2Cweatherhousead%2Clargevideoplayer%2Creveal%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F6&prev_iu_szs=120x60%2C120x60%2C120x60%2C1x1%2C1x1%2C728x90%7C970x250%2C300x250%2C300x250%7C300x600&ifi=1&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&ists=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704785127277&lmt=1704759735&adxs=145%2C1190%2C1350%2C150%2C150%2C120%2C120%2C1180&adys=72%2C4022%2C4022%2C8977%2C8977%2C176%2C1831%2C427&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C0%7C5%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.normantranscript.com%2F&vis=1&psz=433x0%7C300x0%7C300x0%7C1360x734%7C1360x734%7C1360x50%7C300x10%7C300x10&msz=120x0%7C120x0%7C120x0%7C1x-1%7C1310x0%7C1360x40%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=2123531324.1704785126&ga_sid=1704785127&ga_hid=719282103&ga_fc=true&dlt=1704785125375&idt=759&prev_scp=pos%3Datf%26adb_imp%3D1%7Cpos%3Dbtf1%26adb_imp%3D1%7Cpos%3Dbtf2%26adb_imp%3D1%7Cadb_imp%3D1%7Cadb_imp%3D1%7Cpos%3Datf%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone%7Cpos%3Dbtf1%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Cpos%3Datf%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone&cust_params=section%3Dhomepage&adks=3820754921%2C256282515%2C256282516%2C4049892917%2C2937619446%2C3944135043%2C2636544630%2C1574365208&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b7d1c70e7f5b4c6e57077123537f6002f64bdcf9df8314eaefd083469e4ba17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22192
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,6459321091,4546508615,4546028776
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,138459989994,138260249438,138260249495
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d631796cb912d060e1c81f291b4f78a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 18CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d631796cb912d060e1c81f291b4f78a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 07:25:27 GMT
expires
Wed, 08 Jan 2025 07:25:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 188B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/ja_JP/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Jan 2024 07:25:27 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
NKF3QSH0JFSB55DB
age
5046323
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
842af245ae42afca-NRT
alt-svc
h3=":443"; ma=86400
x-amz-id-2
lRM3YxOLbhEN2JagsLSzZms7dwMJSYPyCsgQcqljcTXpAoPGUSVQkmjwgyDqSZFQsHs4xKtyHX4=
diberp-tcx-v7.13.0.js
www.americanhometownmedia.com/static/ 		328 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 10:40:19 GMT
content-encoding
gzip
age
247508
x-guploader-uploadid
ABPtcPrmCiltOzvOyelnvcVkHml7dJEGg6fnOddYuz2VynKuUMz80cAzbcBIGCWt3oucSo8KTeDn0YtbGsQG-KmbuhUd4u4LMSYB
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104504
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
server
UploadServer
etag
"f085c7609fb7c47fb72fd768d721373e"
vary
Accept-Encoding,Origin
x-goog-generation
1661782821233427
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
104504
accept-ranges
bytes
expires
Sun, 05 Jan 2025 10:40:19 GMT
/
adspsp.com/pt/1710310/11/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/11/3/?a=2,a2lr611qegPHxdYpLFAE,7S9I3Z5wjH&aa=01CihRyu.gN&b=0,1,2,3,4,5:6,7,,5J:8,9,,5O:a,b,,1X:c,d,,4X:e,f,,7q:e,g,,7q&b=0,1,8,h,i,5:6,j,,5J:8,k,,5O:c,l,,4X:e,m,,7q&b=0,1,6,n,o,5:6,p,,5M:8,q,,5O:a,b,,1Y:c,r,,4X:c,r,,4X:e,s,,7q:e,t,,7q&bi=1,A15e1c7636632bd7,2,U296dd8e7ef475d,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience,4,540161672,5,11747827,6,6708,10,206470,33,kweVjHUGArBG6hf26MQludWF,Wzw8PTIjiCweyzaXnMKNHN27,U32f8fc4e0e8369,adb_mediumRectangle_btf1,540161676,11747850,206473,QelwClNwBTEkTmmySB7CPYkI,U4ff9017041e222,adb_mediumRectangle_atf,540161675,11747838,206472,0rzKSepXgqC5dUuQI3ZJy4I0,6dS25Ty7ddFE8mVv0Zcann5W&e=&c=https%3A%2F%2Fwww.normantranscript.com%2F&d=&f=1.lr611o05.1T1vg.2T2k7&g=2T2x9&u=f0278789:lim1hwav:3i2&v=18g.xc.0.75c.1.0&m=z&rnd=1704785127314
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.196.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-196-6.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
generate_204
www.youtube.com/ Frame 188B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?yzH_VQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
all
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-ccf03dc2fd3e/ 		36 B
230 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-ccf03dc2fd3e/all
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.227.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-227-39.compute-1.amazonaws.com
Software
/
Resource Hash
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.normantranscript.com
date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
59
content-type
application/json; charset=utf-8
liveView.php
live.primis.tech/live/ Frame BFCA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1704785127&pubUrlAuto=https%3A%2F%2Fwww.normantranscript.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
78bf72d4f4eafed73c424067e1c479bc0b41533f1ed6e503ffa2656e08131edc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
via
1.1 9bd7c2eb9edb3030488f847c2b13f76c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
KIX50-P2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
wQC1ibcAjsiyNrwJpMyydHG_RptknYk4Uz1ZYu68L_BGROlNe0xmig==
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 188B 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 09 Jan 2024 16:05:19 GMT
44362eddca9f8ecdda15e460419ebdac126d7a1feb57ca
bandborder.com/submit/fb1bfe/ 		299 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/submit/fb1bfe/44362eddca9f8ecdda15e460419ebdac126d7a1feb57ca
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/hucWYtYmXNDY8Xvn6T1ArabvKrJjfzlY-MI07JbSCPWxMglTzVaXTxl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0fc95a4154bb5d8b3c2f37ce62f147ff7b8502de6322c9e8fe4d872505dc35e0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 09 Jan 2024 07:25:27 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
x-hostname
fen-hoothoot-asia-east1-spot-bvvt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 09 Jan 2024 07:25:26 GMT
deflate.min.js
live.primis.tech/main/js/ Frame BFCA 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1704785127&pubUrlAuto=https%3A%2F%2Fwww.normantranscript.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:11 GMT
server
nginx
x-amz-cf-pop
KIX50-P2
etag
W/"64db4a53-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
FTanP3Gyf2HFLGtyCG1FuyUb4ER4qTNqPeP8KdPRA5RWZWwqillCsQ==
omweb-v1.min.js
live.primis.tech/content/omid/static/ Frame BFCA 		39 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1704785127&pubUrlAuto=https%3A%2F%2Fwww.normantranscript.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:26 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:09 GMT
server
nginx
x-amz-cf-pop
KIX50-P2
etag
W/"64d0ac45-9c3c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
eOdUlPTec3Yw097N6C5Bttu8bHkkcrkEfwSApxhjPec6GxuhQXNiHA==
omid-session-client-v1.js
live.primis.tech/content/omid/static/ Frame BFCA 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1704785127&pubUrlAuto=https%3A%2F%2Fwww.normantranscript.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:09 GMT
server
nginx
x-amz-cf-pop
KIX50-P2
etag
W/"64d0ac45-1013e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
tC4nDeDCnil9TxBUQ4SfBsO-hg4dF72WIO0jt2KlCK4Zs59d_h8tQA==
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame BFCA 		258 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1704785127&pubUrlAuto=https%3A%2F%2Fwww.normantranscript.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:40 GMT
server
nginx
x-amz-cf-pop
KIX50-P2
etag
W/"623b1728-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
AUWkOIkcIh_Ud1g9qqM4yg5Q7vUH6ZaohCl1usqnvac0IwAtJmbmjA==
expires
Wed, 08 Jan 2025 07:25:27 GMT
prebidVid.7.16.0_19.min.js
live.primis.tech/content/prebid/ Frame BFCA 		552 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1704785127&pubUrlAuto=https%3A%2F%2Fwww.normantranscript.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9bbc75a0a2b151cd0d0695a5e2096cb0655302daecb12241849319087b419f46

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 13:16:47 GMT
server
nginx
x-amz-cf-pop
KIX50-P2
etag
W/"657b003f-8a1f4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0qlyzOnEVfoPm8kQ0rNNq8lNVbJJ9cnvWnm3R2s8DiwqADrGPUsF7A==
expires
Wed, 08 Jan 2025 07:25:27 GMT
liveVideo.php
live.primis.tech/live/ Frame BFCA 		633 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1704785127081&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1704785127&pubUrlAuto=https%3A%2F%2Fwww.normantranscript.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
865525990fe55a62560434349db37168481f0182b78d673686837d27aa9fdc49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
KIX50-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
uQFUNug21LHTWjhzu30qzGKDUx0_VvOaUPPs-GB2NTE17MTC7PwTTQ==
66e7db0ec66f9b9e26b27e332d7fb403e4c17e46f83
bandborder.com/e36724210/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/e36724210/66e7db0ec66f9b9e26b27e332d7fb403e4c17e46f83
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/hucWYtYmXNDY8Xvn6T1ArabvKrJjfzlY-MI07JbSCPWxMglTzVaXTxl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 09 Jan 2024 07:25:27 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
x-hostname
fen-hoothoot-asia-east1-spot-bvvt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 09 Jan 2024 07:25:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CD8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ_jQPAPEPeaKKnoquz-dmUyKsuxaYw51pSuorH5wwzHnyIGX7X-tsIoUWmkLKGPkR95FwARjU6A0T-4ZZGri2Xb9Zbjp4tR71ZqK5hQyRVVfDfAcNPpVSeFs3gMtOVwhzFbGpPNkO4l_0F99xUuSqtG8WjhTZRWL33mLKwh6ZmyYDA8ujVLWkB_v4UBx7DkMZqAnAHVcMELzRmj9iY2_xzppfXUaCmwfy5v5FeAuiI8YDIcGu7miHjT1mZ8O8J8Ujoja2w0AfXRX7wKj1oNzS0f4TAA7HLlf7UYN7g-01MZBIYppc7I7iVW199lqhR-SWevXzypjSzFpwEq3aBQIPn5NjQZxjcyImjXyFoILCpXhaguW3atX-GFglbmbXdtivX3e5VwHZ-f02_pL3rfpvi2SILTZGpE7W&sai=AMfl-YQBe7981mEDgM49mgFZrwllisjwIfQg7sQP7O3xm4afI7aradBFn-E9T1KGhupU9C8AHidihnoLuA5Ygcef_3JQXB79G6fAMP3hIaOTUZbLYLGP7lyEFdeUhiDVhTbRrSEoOJcHWzzF0RJRJe_EHtPI&sig=Cg0ArKJSzFhMuBzzApGQEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame CD8B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:49:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
38159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:49:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CD8B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:25:27 GMT
18307748133012792520
tpc.googlesyndication.com/simgad/ Frame CD8B 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18307748133012792520
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c8415b23b653a57a7ed63581eaf397ede027ae2252c29eb485b79e423c0eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 09 Jan 2024 07:25:27 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22462
x-xss-protection
0
last-modified
Tue, 09 May 2023 18:39:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 08 Jan 2025 07:25:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8E78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMJLkZZSkuiAkNvIAnxDbjzdKzNuhTxcQ23BjI8m4vaQDyXA-GVGF35q919vYzgbJoecMID86yS1In942SF4-rfWsfj1avSR7VwaU4_mrD3uTUsV2eXBGkU5Qg_qf6As-H3YQ6_E5AWjcVbCDGhnMWxIHTjgA5W-ADrjV6nUlFISLqdt5JPRycdo8XqTkzTgq0hMZ9hfiJKyMh0mhMuajPHWy5mjSzR6OKAxJCKYrXlBGY8QZJR6o44egu0mTXbdHH-ws9lLgK8lkkOr0tWjPwxQucRdLmLngr0OzC7oZPs5DI5k1KEp-ezoGzIzcV8w2FQlnT22BzC6-AmXyXFCo6SFvlMNK0vaN7r0b21xdqKT-7UzoqAesikrzEOOJeqzB0JCry_AoeYwYF3ikPv0CA5F9IQrEQ-5DzjsG86MROiLdNB_etR3w&sai=AMfl-YTkb3NnbOHqrCnSHThjw58-uTjBKi4q4OkDmYlJ_7uJPmrMDsOYn2GNZlbaXGQog4dZ9MLOfOpGBnqxsL4d1g6dhDhFjWkl0gLVw91k1cSRTVf4JuTF1vCCCJy9zgbpkqxNKNeYzzMwakM2PkSPxueU&sig=Cg0ArKJSzLb7WMCzZIUXEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 8E78 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:49:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
38159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:49:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8E78 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:25:27 GMT
6515262723969441314
tpc.googlesyndication.com/simgad/ Frame 8E78 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6515262723969441314
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a41bd7159c8860f14829ed9beb02a24e7946983e5ab1ab81bf8924e87b341561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 06 Jan 2025 12:35:06 GMT
date
Sun, 07 Jan 2024 12:35:06 GMT
x-content-type-options
nosniff
age
154221
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110929
x-xss-protection
0
last-modified
Sat, 16 Feb 2019 22:37:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
view
securepubads.g.doubleclick.net/pcs/ Frame 7BBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNSB04NilxqliKLd7GZ8LqExocHIYGWmxBG59682Z4RBUfIyCvO5ewgmATVHmxh8kXAbcx3WIiyRkz7nYFPgT4SGyIpyVFyugBb5zHrf8ppj9U8npf7fX5j1UDg1GQ9Bjj6WUetE3az48H37Qudm91J87lfOvy6LtOcqyITtiac0ZGLUCI1M3jtwcO0OoCohlT4Z00eIige_jFJUmf_uyYRPeO1dzn1QVGxCJ5QO18a9R_Xy_u39qcm06oUi-0CGewcCjVreee-d5Lqide-3uE0aOFd6uG7VZj1ew3aHIt-2hIVBKGK_qduepTuSkyxyy3jS-y6s_7zVpJ2JbxGNojmBCoNVGLmfs_t2WwQk-wSdoAWXllDhysYDzQUP7p5EqiZ4D6h4OiOEBYm82gLCG82F_rY0MbaFW0gsPE5EknqNlmMr9uxfw&sai=AMfl-YQV3nN-uDN7Qgq8nQLI5v-qLXhr0uilcCgHYPaAOD-ybrEsmc4s3BNjWwqLwmzQnqSMGEjlZX7v01CNHiE2-QlamJ1J_4ZCOmX9GHxyXBgzbyV00U0ifjbTNrqq4TiRvF_OKR2OK3_jNgxJQCufUDrZ&sig=Cg0ArKJSzGMVf2ui-xDDEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:27 GMT
6515262723969441314
tpc.googlesyndication.com/simgad/ Frame 7BBD 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6515262723969441314
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a41bd7159c8860f14829ed9beb02a24e7946983e5ab1ab81bf8924e87b341561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 06 Jan 2025 12:35:06 GMT
date
Sun, 07 Jan 2024 12:35:06 GMT
x-content-type-options
nosniff
age
154221
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110929
x-xss-protection
0
last-modified
Sat, 16 Feb 2019 22:37:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 7BBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:49:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
38159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:49:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7BBD 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:25:27 GMT
truncated
/ Frame CD8B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
022e244c2aed7385ac1397b379db22d45ac98bf91cae1df06449cf48482ca1b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8E78 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b68fecbd3f031c2f5c7576e91e308647b9236e4bc4a736555aa00863ed4a0d01

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7BBD 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d05f4734a0d6e06216db33ffca5a4d992cc9aa830bca1020c29871dcd313dea0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2lr611qegPHxdYpLFAE,7S9I3Z5wjH&aa=01CihRyu.gN&b=2:1,2,1g5jth,1ggwkbp,1rlvi416,,2ytpo1v,k8`2i,1rlvi416,2ytpo1v,U296dd8e7ef475d,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&b=2:1,5,22h8pxy,10rpxnh,1rikkz8e,,236vghz,8c`6y,1rikkz8e,236vghz,U32f8fc4e0e8369,adb_mediumRectangle_btf1,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&b=2:1,4,22h8pxy,10rpxnh,1rikkz9z,,236l694,8c`6y,1rikkz9z,236l694,U4ff9017041e222,adb_mediumRectangle_atf,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.normantranscript.com%2F&d=&f=1.lr611o05.1T1vg.2T2k7&g=2T3aq&u=f0278789:lim1hwav:3i2&v=18g.xc.0.77u.1.0&m=z&zi=adb_weather_atf,weatherhousead,0,adb_button_btf1,adb_button_btf2,adb_large-video,largevideoplayer,adb_reveal,reveal,adb_leaderboard_atf,totalaudience,2,U296dd8e7ef475d,adb_mediumRectangle_btf1,5,U32f8fc4e0e8369,adb_mediumRectangle_atf,4,U4ff9017041e222&z=0,1,2,2:.,1,120x0,bf,420.0,0,004o&z=3,1,2,2:.,1,120x0,bf,233q.0,26e,004o&z=4,1,2,2:.,1,120x0,bf,233q.0,26e,004o&z=5,6,2,2:.,1,1x1,bf,272w.0,65k,004o&z=7,8,2,2:.,1,1310x0,bf,272w.0,65k,004o&z=9,a,b,c:.,1,1360x130,bj,44c.0,k,004s&z=d,a,e,f:.,1,2,bj,21hc.0,k0,004s&z=g,a,h,i:.,1,2,bj,4ec.0,k,004s&rnd=1704785127800
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.196.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-196-6.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
/
normantranscript-cnhi-pw.newsmemory.com/ 		175 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://normantranscript-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=892e4503ad86f0faf840aba78be98641&v=4&r=9075
Requested by
Host: normantranscript-cnhi-pw.newsmemory.com
URL: https://normantranscript-cnhi-pw.newsmemory.com/?meter&v=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.107 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
01086213890483c507b79ae1a7d227217142bbb41f6058b497ae2ebcc228c4ee

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:25:27 GMT
Last-Modified
Wed, 1 Nov 2023 21:35:07 UTC
Server
Apache
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Keep-Alive
timeout=2, max=299
Expires
Tue, 9 Jan 2024 09:25:28 UTC
view
securepubads.g.doubleclick.net/pcs/ Frame 7BBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss60No0m4a2VGmazNywptDVz-U-xUgCn38-mK5f_G_dvH2-a4Z9nymLYnjoQqc8tgATBGMGGgCyAJNfS29usImjfs6Xc3W-4TGT8Vo9c4mTvQVo8wqEg-jHadOaYW4ENrKs96ZFHp7QAc_F8-LhSwkVjdhOb2smN0f6s2tnPX5yxP6q6XEzBWkFndgVfl_eHkLs4l9ow2ZGaf9f6B2tZhnADPlz_4bo_Ytu2lt0ojS5TnRiiAcWFUCnE9-RWSdyIo5fqT42MUSgIKUPkIyH1c7yQh2ds9ojiCvJbe2VX8I6tC9y12jtayNXEvzynXNWabR9x30RB1e0f9qPAP6XiwRoNcRD6ZbqlEx11WnzTaETER7_QCoJUSdo0_H0yC6cEyRcn-R_LrdC6K6wvdzrCVSZ9Kpn197gujWWPlw&sai=AMfl-YRKGdd-UvPbP9HtDdRooIDRted990JZHl3MnhRyEDlrOXV3o4c7dOUUoVEPrO93ID-bp81GdKTaW0kJbDi_Ry39H_7IGQPjv0KebITnJfSn9G0E6yFXeIsTDNzqJ86JxKuVdbEcZ_YX3bfkmhb04NYK&sig=Cg0ArKJSzMaD3BV_H3ZJEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CD8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup576YINZHqXKpnVVx1MBKTbSrYcR1rQwXk8CKc9ls0UNnwVW3_rmjMS4qPmsRgCvPkjSI60PgHU9r-n_CCQxjbuNhLUuKSomqJJ5NrB7milip31TYKSsG9jJIGuKDOOEMM4eAzf-ciGBHyfoIeeVzdapk4QDtX5qUa9smYEiRraT7Wx5NC9_zCybz7NRHn5Kz3YbM3jV91owVJozEnv-b_8ghfoF3kJqL_qNqBn4ZshiNRCmP6YkPilKiRWldQSR21gcDrEmlszLWPNRBZH6BkL60EDxfLmJ0S7IIuHajy7pz5y8vZTrp3w06Xl4gZOFLmMbRpItdQ2dLsbCcyk8CTJCcqDFP631iQEgmTsUpUTNpA4_LLfSPLGEWGabpHgpkKbhl3_kOqBOnyCAm_aV51_o27rOszwmlmZA&sai=AMfl-YQHWRCpQ6K8vl6ZzKjwMd1nrExoyjpQoOAkcYXcz8JOhJzz-j7hgTqIgnG42ofFY8r5qBSaenA5arOZilTK_kXxsjoqlv1VaKr_TSynheceIZwVa6kLPdqx0VL2R91EsvNPPfelRl6LtY1gC8Dt2okq&sig=Cg0ArKJSzDTj6CjbenQREAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:27 GMT
ingest
i.viafoura.co/v3/www.normantranscript.com/ 		67 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.normantranscript.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.normantranscript.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-ccf03dc2fd3e%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1704785127%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%22149ea268-3ffa-4dad-b2c8-cd09cfbaa710%22%2C%22firstVisit%22%3A1704785127%2C%22previousVisit%22%3A1704785127%2C%22currentVisit%22%3A1704785127%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1704785127%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.normantranscript.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-ccf03dc2fd3e%22%2C%22section%22%3A%2200000000-0000-4000-8000-ccf03dc2fd3e%22%2C%22pageImage%22%3A%22https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fnormantranscript.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2Fccdfcfb2-9d11-11e9-a40f-c347810e33cd.jpg%3Fresize%3D600%252C319%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.normantranscript.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22title%22%3A%22normantranscript.com%20%7C%20my%20paper%2C%20my%20town%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22%22%2C%22topics%22%3A%5B%22norman%20transcript%22%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22normantranscript.com%20%7C%20my%20paper%2C%20my%20town%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%2258ed960f-d14a-430c-a708-ad98b56dcabb%22%2C%22w%22%3A%5B%22vf-tray-trigger%22%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.227.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-227-39.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Tue, 09 Jan 2024 07:25:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 83AD 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
fac69c9d4b28d29c23ff87532b0f70ac7012eb7438ae72249d0bafe02c74afae
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2732
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 09 Jan 2024 07:25:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
570MMWYRXWZQB8N76KSF
view
securepubads.g.doubleclick.net/pcs/ Frame 8E78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswb2sO2ZLUBDNotvv4yLUaJx3GLq0xMKgyY9hdfhOjfQ1cB6J0SP8ojC8af2FWs7F1x5KAhwji7ynkqDOg535Qk7rmrZShUbtDW5N0OmarVsCKkhzAoNTxSndgnfZXiJfkczdjDjausMe_x3fIN2eeEkTFGuYtpmX0peykVgyyg14nK93yYyOiYnaHjLqjycY4-1fFWrLgQN4bi5sAW9beL35L6_rr5riuGZjBPk0zGz5KUEMOIursh0MDvcwXaFE1HCptWsZLZ5wWu3M_2AI3SiVl6kDoHjrz5v9rEJLTUd8wRPhSO5ggzdMI2yDGQXAY4PGcHU22E3odmB2vkRCFsJRGPmkBK1bEDqy0Ix0dWPVuMOvLBIYrGcBeB9-vZT-SrnNOniWrGAKqSjeatPXzDyjCAWZKZDa8u_Q&sai=AMfl-YSCslNsPHs5BeA5p9DhlcwF2cPDmYxm-NVajaAC0KYe8uf-1SRPYDv1DfPdf1wAICnh8vQ3QLyo9JJfLuQP7KKPoUaQYQ4k1rEUaSUJu9lwwnd7JR8YGHCtUQKdX9EreY0FqVly3oKqL6rC03RPdUmI&sig=Cg0ArKJSzA7v3XRSNxxCEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:28 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jan 2024 07:25:28 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
389f4afd84f02b4c34018b66efba9fa9cd4c80cc0aa34accdbf37ea76647ca17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 04 Jan 2024 12:38:38 GMT
server
nginx
etag
W/"6596a6ce-18434"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jan 2024 07:25:28 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=106974496560352&correlator=3206482525272053&eid=31077976%2C31080297&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cthenormantranscript%2Ctotalaudience%2Crichmedia&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4&prev_iu_szs=300x250%2C728x90%7C970x250%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x90&ifi=9&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1&eri=1&sc=1&cookie=ID%3Dde2a601dec178db4%3AT%3D1704785127%3ART%3D1704785127%3AS%3DALNI_Mb1maAeSfDS8tLdWSYHpIqa8K1Wlw&gpic=UID%3D00000cd447ba646c%3AT%3D1704785127%3ART%3D1704785127%3AS%3DALNI_MbaEh6fV9tkmUWpCHLW99Zb0PzusQ&abxe=1&dt=1704785128091&lmt=1704759735&adxs=1180%2C8%2C1180%2C8%2C436&adys=4525%2C4494%2C6169%2C8462%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6%7C7%7C8%7C9%7C0&ucis=9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.normantranscript.com%2F&vis=1&psz=300x10%7C1584x42%7C300x10%7C1584x52%7C1600x-1&msz=300x0%7C1584x0%7C300x0%7C1584x0%7C1600x-1&fws=4%2C4%2C4%2C4%2C516&ohw=300%2C1600%2C1600%2C1600%2C1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmSuGYxzx1f5viYHLUNBX8nM9EOa5Wf_f3g-r13UbB_VOJmEXO37PgCm13hEjGkZW_umb2e5qOL0gMUo6djoNrn7Pg9LQ%2CAOrYGsnzzFafPG_RCfys24gw4ros1NVaqpJUFTLXYU891j2OGRNHeF453FVE32tpEDEyxqmOSMd-0OzvQK-qA6IYXuaA7sRUBuuGTbYGgps%2CAOrYGsl2qfH6qZoKzEKzLEo7aA5l1OHJDlqzIFHWe7XLJtARUnvYAHb42Ad_rMI3TcXYXJ5DE6F1rtv0Br0nTnrGiceWfm-BaePVdKXSRu0%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=2123531324.1704785126&ga_sid=1704785127&ga_hid=719282103&ga_fc=true&dlt=1704785125375&idt=759&prev_scp=pos%3Dbtf2%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Cpos%3Dbtf2%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Cpos%3Dbtf3%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Cpos%3Dbtf%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Camznbid%3D2%26amznp%3D2%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone&cust_params=section%3Dhomepage&adks=1877043977%2C3943759157%2C3496376406%2C3944136026%2C2455839085&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc6d298f372b332d655c89421d6f3b61bb749794a62d84b58444545bcf41fb84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19926
x-xss-protection
0
google-lineitem-id
4546508615,-2,4546508618,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138260249435,-2,138260249459,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adspsp.com/pt/1710310/11/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/11/3/?a=2,a2lr611qegPHxdYpLFAE,7S9I3Z5wjH&aa=01CihRyu.gN&b=0,1,2,3,4,5:6,7,,8C:8,9,,3B:a,b,,59:c,d,,6B&b=0,1,e,f,g,5:6,h,,8D:8,i,,3C:2,j,,1F:2,j,,1F:a,k,,5a:a,k,,5a:c,l,,6B:c,m,,6B:n,o,,eQ&b=0,1,p,q,r,5:6,s,,8D:8,t,,3C:2,j,,1F:a,u,,5a:a,u,,5a:c,v,,6B:c,w,,6B&b=0,1,x,y,z,5:6,A,,8D:8,B,,3C:2,j,,1F:2,j,,1F:a,C,,5a:a,C,,5a:c,D,,6B:n,o,,eQ&b=0,1,E,F,G,H:6,I,,8D:8,J,,3C:2,j,,1F:2,j,,1F:a,K,,5a:a,L,,5a:c,M,,6B:c,N,,6B&bi=2,A72f886895d76fe4,6,U437129712f5ca35,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience,4,540161677,5,11747857,10,206474,33,RdDNDHspumwjeZ0rUNnd0pI3,14,U466a466e8718a55,adb_leaderboard_mid,540161674,12812950,6708,213819,ccVECva4DSFcmufUCsC4hRze,RhAhHL3X0jLoZaEznwQUyb71,172,CNHI,7,U47b5bcee3def621,adb_mediumRectangle_btf3_flex,540161678,11747862,206475,dud0WW7nNOo36hYmTXQelFuy,GHSbYsaobKCFcdXjiEKcq6Z3,3,U486e41c87c3e4d1,adb_leaderboard_btf,540161673,11747832,206471,PDDWminnzbApknGlqgkxpZCm,11,U49dc833a349efc1,adb_floorboard,%2F9869277%2Fcnhi%2Fthenormantranscript%2Frichmedia,540327076,11908123,302372,302373,4toHxb5i3eKGPsfolJ10gLL8,ZKnbpUBWqDmzqbvOMugL6P14&e=&c=https%3A%2F%2Fwww.normantranscript.com%2F&d=&f=1.lr611o05.1T1vg.2T2k7&g=2T3j6&u=f0278789:lim1hwav:3i2&v=18g.xc.0.77u.1.0&m=z&rnd=1704785128103
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.196.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-196-6.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 83AD
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=84b0cf7915
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=84b0cf7915
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5DHP0RGCBCT5HC8253FC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:24:54 GMT
via
1.1 304f6763e8e2c65d41e5e621780485fc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C4
age
34
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=84b0cf7915
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ULgy0LG37cygXDIzEpEbBoR3ZZrLcuCoA3Q-mMNOb27jvPvPs09Lsg==
ecm3
s.amazon-adsystem.com/ Frame 83AD
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4799ebae-c07a-47eb-9a10-229473514984
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4799ebae-c07a-47eb-9a10-229473514984
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GK4QAWCXW01FJY9FSMXJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4799ebae-c07a-47eb-9a10-229473514984
Date
Tue, 09 Jan 2024 07:25:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 83AD
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=b79bfb06-55ed-49ef-994e-6362e287e295
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=b79bfb06-55ed-49ef-994e-6362e287e295
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M9Z345VXQVBB19GY7AHD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=b79bfb06-55ed-49ef-994e-6362e287e295
access-control-allow-origin
*
date
Tue, 09 Jan 2024 07:25:28 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ecm3
s.amazon-adsystem.com/ Frame 83AD
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded22e48ffe542jgkeo00lr611rwy
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded22e48ffe542jgkeo00lr611rwy
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FJ5VWGGB0XK3NDS8CDWR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded22e48ffe542jgkeo00lr611rwy
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 83AD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAJgvU7LOeoAABPGHEehAA&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAJgvU7LOeoAABPGHEehAA&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6708CY9TNK2VXKEQ7MKT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAJgvU7LOeoAABPGHEehAA&ex=beeswax.com
Date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usermatch
ssum-sec.casalemedia.com/ Frame 82B6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a60b47078093749ed0a32bc8be85d6f96b8a44a48fe9580394b7c1b4304787c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842af24afbebaf7f-NRT
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 07:25:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OranfGphQl6xjP0uO20mcyQugUvu%2BZ1oTd0tsJFRD4n7IfWfiETTeJhZ%2BoIsn2MAW8ndGvHcyb4d%2FhWiydGONrb6QsGmPRmifP%2Fnl8iiXRcy8PY78COi3hcCcTVzxnuWuNYd%2B8nCmAaig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842af24ade75affd-NRT
content-length
0
date
Tue, 09 Jan 2024 07:25:28 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBWSYQL1FekitpNGGPWfjmC3Brnn9j9KqWd%2FoBQ9GD4n9Fo9%2BEHSdkTtE008t9oVkPlLwC96oqmmg3%2BA07k%2BN7L%2BBVAw6RDzG1U0OAnLpWQX4eAqRGBUvNaoCOn9dUbnvjLfXAUsdWNwtA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 261B 		888 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.179.14 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-179-14.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
142ad077636af03318572fb61f37727c7c7eff7d0b4726a105cc549047841950

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
888
date
Tue, 09 Jan 2024 07:25:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C2FC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=54974
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 09 Jan 2024 07:25:28 GMT
expires
Tue, 09 Jan 2024 22:41:42 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4C08 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 07:25:28 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 4076
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LM0ZEV0xkRTJ1SXguS3ZOWUZGVmtpVWo3Z0xSOG5oYX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LM0ZEV0xkRTJ1SXguS3ZOWUZGVmtpVWo3Z0xSOG5oYX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 07:25:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
P65QBNF8E44HYY2XR74H

Redirect headers

age
0
content-length
0
date
Tue, 09 Jan 2024 07:25:28 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LM0ZEV0xkRTJ1SXguS3ZOWUZGVmtpVWo3Z0xSOG5oYX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 3F4D 		199 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Tue, 09 Jan 2024 07:25:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame CA74
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4995439349706841471&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4995439349706841471&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 07:25:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8GCCJV9Z8RH5Q10MA6EP

Redirect headers

content-length
0
date
Tue, 09 Jan 2024 07:25:28 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4995439349706841471&gdpr=0&gdpr_consent=
usync.js
eus.rubiconproject.com/ Frame 4C08 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
266cb8d6ad0b7d739e730a1b76d3560c5b10c75f92c42a6a8aced675a84f1829

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:25:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:43 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51135
Connection
keep-alive
Content-Length
10965
Expires
Tue, 09 Jan 2024 21:37:43 GMT
khaos.json
token.rubiconproject.com/ Frame 4C08 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C2FC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25071468&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f00f1907b14f2dd4d72b8f04f2718a2e55fd7e43327f58389e32870b8b7f75ac

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 09 Jan 2024 07:25:28 GMT
content-length
1545
content-type
text/html; charset=UTF-8
rum
dsum-sec.casalemedia.com/ Frame 82B6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&expiration=1707377128&gdpr=0&gdpr_consent=
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&expiration=1707377128&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiJ1otqWBpqWCa2z4LGXKeN8YI8TJu9YuiWe623s%2Bn8XxiWFBFzPlyn532eGqHmvDP0Ab4elDsI6elJz7ll9JVuUsV%2B8ji%2BtnehEaCYO1cyYYqt8rSWGXSpI3q4gRM8Z4BDFOTJHBVqpLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af24b8f20affd-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&expiration=1707377128&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 07:25:28 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 82B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIrBo2u6saXq3nKYcJQdTis&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIrBo2u6saXq3nKYcJQdTis&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4JOxiqU3XdAHNtzk5C8YXJQKGSv5svkvAv9kgnHUWlcIInS2CkwT0c1jByP0PLwlCJv2vLC2awX%2BZYF7Vf88hgy2VfbZJpB7IbXelzOfTuJl0VTAwlkQnasxgnClDBAz7rCqH5qMpsqJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af24b8c74af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIrBo2u6saXq3nKYcJQdTis&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 82B6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FX174FAPQ8X4YTFW6X0A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
35759
i6.liadm.com/s/ Frame 82B6
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZz06Og13FvJmt7L2nqK1gAA%265445&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZz06Og13FvJmt7L2nqK1gAA%265445&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=cbe2a8d0085d4799b74f8e1060b9f021
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7001959693255496791
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5e1cdb2f-412b-4a5e-93a4-04564d7f3206
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5e1cdb2f-412b-4a5e-93a4-04564d7f3206
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5e1cdb2f-412b-4a5e-93a4-04564d7f3206
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:27fd:18e1:959d:33af Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:25:30 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5e1cdb2f-412b-4a5e-93a4-04564d7f3206
Date
Tue, 09 Jan 2024 07:25:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
rum
dsum-sec.casalemedia.com/ Frame 82B6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4119655931738379351
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4119655931738379351
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0Rjjmi6UW52ryYbGYXwUs%2BFkpYxSgK2SFLIqh%2B4cxqufIZV76AHe6ZdKBcPdNa4Hg1%2FqsvMZsmKE6Z9zoRPTRDHgZX3gC3d6FlNmYa38N5IbuwhdKualhKpbfyqmxjY5z%2FDSQ1Uhc92Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af24f98c0af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4119655931738379351
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 82B6
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=index_exchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=ZZz06MCo5tIAAFmFULYAAAAA
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=ZZz06MCo5tIAAFmFULYAAAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhM4e8Gz8ROMTEfu4Pd56l96L%2F45Dn2eJJg6FN5wWit%2BIxJCTTuH3Ih%2F4lwz%2Fa3fOil4Qv9lHI75IHDqy1M%2FiRdSN%2FPVLdJRipoQ1vNTxtWPC2C5JtIH%2FoQy3jZ2lLlw1MCQyM2kNTcGgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af2502952af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 09 Jan 2024 07:25:28 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=index_exchange","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.212","key":"ZZz06MCo5tIAAFmFULYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1016"}
X-SO-Key
ZZz06MCo5tIAAFmFULYAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad1016
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=ZZz06MCo5tIAAFmFULYAAAAA
Cache-Control
private
X-SO-HostName
m-ad1016.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
741
Content-Length
0
X-SO-LB-Hostname
a-tgng40014.dc2p.scaleout.jp
X-SO-IP
146.70.201.212
crum
dsum-sec.casalemedia.com/ Frame 82B6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=smnb4j-Heqi0BKVqBVnq
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=smnb4j-Heqi0BKVqBVnq
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvByWfpv6013HEV%2FMOoDjsk8cxOy6T047pc6OE5eVdeh8xnWFWr3Od8%2F9CtAk%2BcsOJOwrjW8JrwVyw6YltupD2pzaCybdD22Ql4q9DlwbsE7AUt%2FlPozU8CCHknKwp8W4%2F4vXviDp4apFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af24ff92caf7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=smnb4j-Heqi0BKVqBVnq
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 82B6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=uNnJ0OjYlYWj1JPV7Y3di-yPx4qj1caB6NUGtpnv
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=uNnJ0OjYlYWj1JPV7Y3di-yPx4qj1caB6NUGtpnv
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z576V39K0JRtH%2BAyoF%2BjgURAFYjCFO8BjLi%2F1I2yioNwCuGGPwSQqlFM3gnG9hde4Le6jumHzFSdbE9Q%2FjaZ7LjB4sjVOnsRfuO3kxpKeG329OoNz0iyDwN5bo%2BBB3DMOt1d4CQ7PoEgsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af24becd5af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=uNnJ0OjYlYWj1JPV7Y3di-yPx4qj1caB6NUGtpnv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 82B6 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K3XJS18YAJTM1ETFT3J4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pd
jp-u.openx.net/w/1.0/ Frame 04AA 		904 B
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7ede13a3caf648dc412db9b9cfe868fb025077ca4e3a30daaa72a761b02235dd

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
487
content-type
text/html
date
Tue, 09 Jan 2024 07:25:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 268B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://api.primecaster.net/adlogue/api/sync/bidswitch?ssp_id=pubmatic
  • https://api.primecaster.net/adlogue/api/sync/bidswitch?ssp_id=pubmatic&uid-set=1
  • https://x.bidswitch.net/sync?dsp_id=191&user_id=mK7TAkolLQ1&expires=90&ssp=pubmatic&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 07:25:28 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 47E3
Redirect Chain
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdQlnH0ALp6Bks8AED41yYvhzs8AAAGM7RyrOw
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdQlnH0ALp6Bks8AED41yYvhzs8AAAGM7RyrOw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:34:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 09 Jan 2024 07:25:28 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdQlnH0ALp6Bks8AED41yYvhzs8AAAGM7RyrOw
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma
no-cache
server
Logicad
via
1.1 591400b2958a6516fdef3d2bc0ac208e.cloudfront.net (CloudFront)
x-amz-cf-id
uXB90NCKqbBunG2Ks6bdz6unuerIux3xt4Dlz-r_eoPhIj17WmR3Qw==
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
ecm3
s.amazon-adsystem.com/ Frame 6497 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3008DB03-8A32-4240-AC05-4F59925776EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 07:25:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
C17DQ0F3TGE12ASQRRFD
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C2FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MAjbA4oyQkCsBU9Zkld26w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=54974
accept-ranges
bytes
content-length
5622
expires
Tue, 09 Jan 2024 22:41:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame C2FC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3008DB03-8A32-4240-AC05-4F59925776EB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=3008DB03-8A32-4240-AC05-4F59925776EB
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=25340944-7749-4ec2-8326-ce538a3d1a70%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&ttd_puid=25340944-7749-4ec2-8326-ce538a3d1a70%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&ttd_puid=25340944-7749-4ec2-8326-ce538a3d1a70%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&ttd_puid=25340944-7749-4ec2-8326-ce538a3d1a70%2C%2C
date
Tue, 09 Jan 2024 07:25:28 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame C2FC
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
52.77.13.91 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-13-91.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.13.16
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.2.44
content-length
0
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame C2FC 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3008DB03-8A32-4240-AC05-4F59925776EB&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Tue, 09 Jan 2024 07:25:25 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame C2FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzAwOERCMDMtOEEzMi00MjQwLUFDMDUtNEY1OTkyNTc3NkVC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:18:33 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C2FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEZky93RF7iQw6zOci4TOco&google_cver=1
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEZky93RF7iQw6zOci4TOco&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:20:13 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEZky93RF7iQw6zOci4TOco&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C2FC 		43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 08 Jan 2024 07:25:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C2FC
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZZz06MCo5tAAAMtw5E4AAAAA
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZZz06MCo5tAAAMtw5E4AAAAA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:28 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 09 Jan 2024 07:25:28 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.212","key":"ZZz06MCo5tAAAMtw5E4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40075"}
X-SO-Key
ZZz06MCo5tAAAMtw5E4AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40075
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZZz06MCo5tAAAMtw5E4AAAAA
Cache-Control
private
X-SO-HostName
a-ad40075.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-IP
146.70.201.212
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5904191bceefb2eeb3a93b27faf9c6be9b3e7980c3e0b8683b76c2a7faa1baa8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 09:01:01 GMT
server
nginx
x-amz-cf-pop
KIX50-P2
etag
W/"656ee6cd-47bd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
rAoCUy_JqNYC7GwGVFkvDbhIEMgr6DA51AMJlRb7cn9xYBfU5e8K4A==
apstag.js
c.amazon-adsystem.com/aax2/ Frame BFCA 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.170.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-170-54.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:52:38 GMT
content-encoding
gzip
via
1.1 49b964f897a5e1c9f9d0e182630ef7ca.cloudfront.net (CloudFront), 1.1 5937fca00485f2f0f4c9df4dd6632614.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2, NRT12-C3
age
1971
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
pc7ykHZIg1V6-_I92EoDGhgSvY3Zy4xEFdMijP4SNXff8VFf76i5dw==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame BFCA 		93 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=ffe1e76b-5a3c-488d-be1b-2bf341942233&iiqpciddate=1704785128268&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=34_1704785128269&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwww.normantranscript.com%2F&ref=www.normantranscript.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-20.nrt20.r.cloudfront.net
Software
/
Resource Hash
507b8427be01574d8837c96034804ca25baeb27416c6f1d04ab2b2b298425bb4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 de58d3e5f27cc893179e2fca652d0404.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
3600
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.normantranscript.com
access-control-allow-methods
POST, GET
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
pgJXVy2zmHvifzBvioeAiOiJzhyEOcJEKCPQMXjmswXcZDU3xlUxOg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=176745&iiqidtype=2&iiqpcid=ffe1e76b-5a3c-488d-be1b-2bf341942233&iiqpciddate=1704785128268&tsrn...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=176745&iiqidtype=2&iiqpcid=ffe1e76b-5a3c-488d-be1b-2bf341942233&iiqpciddate=1704785128268&tsr...
43 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=176745&iiqidtype=2&iiqpcid=ffe1e76b-5a3c-488d-be1b-2bf341942233&iiqpciddate=1704785128268&tsrnd=110_1704785128270&vrref=https%3A%2F%2Fwww.normantranscript.com%2F&jsver=5.09&ckls=true&ci=xDGfdaijDn&nc=false&trid=2031145816
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 5383a3a3cc7bce128040f7b69eb4bc38.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
k0VdhanEaaS68qNByokocO3xLekTwRoKo4MiyUyidQSI41amNSoo3Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 5383a3a3cc7bce128040f7b69eb4bc38.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=176745&iiqidtype=2&iiqpcid=ffe1e76b-5a3c-488d-be1b-2bf341942233&iiqpciddate=1704785128268&tsrnd=110_1704785128270&vrref=https%3A%2F%2Fwww.normantranscript.com%2F&jsver=5.09&ckls=true&ci=xDGfdaijDn&nc=false&trid=2031145816
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
9fUHF0fZA_9VVQ8LXTARWspagzLfQKTQVdwjwxBmA4-HcvbffACoMA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
b2009f49-5421-a445-7cdb-2ab61d8d22bd
pr-bh.ybp.yahoo.com/sync/openx/ Frame 04AA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/b2009f49-5421-a445-7cdb-2ab61d8d22bd?gdpr=0
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a01:4f7c:de84:79b9:a7e6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame 04AA 		0
0
dds
rtb.openx.net/sync/ Frame 04AA
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-ZFzMW0LjyKreHD0McPVTg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 04AA 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 04AA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7001959693255496791&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7001959693255496791&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7001959693255496791&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 04AA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=26c7f90d-c48d-360c-4d0c-3c43e2daeff4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&ttd_puid=26c7f90d-c48d-360c-4d0c-3c43e2daeff4&gdpr=0&gdpr_consent=
43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&ttd_puid=26c7f90d-c48d-360c-4d0c-3c43e2daeff4&gdpr=0&gdpr_consent=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&ttd_puid=26c7f90d-c48d-360c-4d0c-3c43e2daeff4&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 07:25:28 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 04AA
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZz06MCo5tAAAMtw5GQAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZz06MCo5tAAAMtw5GQAAAAA
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 09 Jan 2024 07:25:28 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.212","key":"ZZz06MCo5tAAAMtw5GQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad422"}
X-SO-Key
ZZz06MCo5tAAAMtw5GQAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad422
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZz06MCo5tAAAMtw5GQAAAAA
Cache-Control
private
X-SO-HostName
m-ad422.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-IP
146.70.201.212
sd
jp-u.openx.net/w/1.0/ Frame 04AA
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdQlnH0ALp6Bks8AED41yYvhzs8AAAGM7RyrhQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdQlnH0ALp6Bks8AED41yYvhzs8AAAGM7RyrhQ
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 591400b2958a6516fdef3d2bc0ac208e.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdQlnH0ALp6Bks8AED41yYvhzs8AAAGM7RyrhQ
cache-control
no-cache
content-length
0
x-amz-cf-id
-arWh3D6WzsVyt01o124h3xzVP_VkPjO5NC4adG6Mt7fKbMFcAK5tg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 04AA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGFhODJhYzctMGRmYS02OGE4LTU4ZWMtNjZmYTI4MzgyMTk0
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 04AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnvdu0Wkl74TKeZNA_vwRE&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnvdu0Wkl74TKeZNA_vwRE&google_cver=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnvdu0Wkl74TKeZNA_vwRE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 95D3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
7151
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 09 Jan 2024 07:25:28 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 24 Dec 2023 05:31:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
400, 71206
X-Served-By
cache-lga13626-LGA, cache-nrt-rjtf7700051-NRT
X-Timer
S1704785128.312839,VS0,VE0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BFCA 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.170.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-170-54.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 03:36:52 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 792d1dfcd0e864258cddb08b00eca5d8.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C3
age
13716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
gzY9lUOeP-j621tVtI7WOCYOMMTCKlJFWF78H4B2-g2K5Ec9LWDaJw==
bounce
ib.adnxs.com/ Frame 95D3
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
an-x-request-uuid
19d718b5-8f9b-4aa3-b2da-b92af6a70bd2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
an-x-request-uuid
1c2625e2-d1d0-4de5-aa2f-6c2867922e5b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 56BD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
7151
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 09 Jan 2024 07:25:28 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 24 Dec 2023 05:31:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
400, 71207
X-Served-By
cache-lga13626-LGA, cache-nrt-rjtf7700051-NRT
X-Timer
S1704785128.489091,VS0,VE0
pd
jp-u.openx.net/w/1.0/ Frame 8F26 		958 B
550 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
664a0b5d29e80da96dd3b49bde0ec7a8c8b9b18ddd9016361c24493ce8ebcf14

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
531
content-type
text/html
date
Tue, 09 Jan 2024 07:25:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 7164 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
212
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
842af24d2f43f64d-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 07:25:28 GMT
expires
Tue, 09 Jan 2024 11:25:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 3561 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkTWYNAHE6yPgzsQt5Sru_H4X6XHKrTalG-eL9VlWfwlYQ_ytfm0oWp6Nhti8ZD89dWYnjqMYGfEVoFIWML3Rt7xdMSfENFkH3iHjOhtbW2p7_N96SoxDhxRg0NEnbKrQFlxAIiDipzwxqD7qQdRrKNlQAMJhU_tOwEIO2R3y-ljXDRwyuROMqI6d14brwDTiAF1-1kHAymkcyKYCvDNOhIc3JZOsTq7prU9SN2dI8wppGbMjIcRE4pXcr5VJetLm49ijb5XFAowCU59ubxJYGLubFiTMfaYINV8xBj9BiR4yvzKeqaPEPYEgK6G3zerTcHsnYk4U7mtN_rSQABlUNlsusJtucXaYx5H7ePddIAE3VE3Hw7KmSk4RaESl2vgDOJk4ZGgWIo-v7hwUrW6oKN8ji-LnPMOOpyfqXxkG1mb4SjuVRL6U&sai=AMfl-YSYFH_TezcM0uHbuX3ZCcF7v-NWTt076Z_kzBCXaoa33aRsB_OHX_N7RBVVf_iFFZsOW8qPBu64gqFmMSQL4FwuCP29jb6F_e8wI3hLk7L8Kcgn9eNcflBXWxaYMmQ&sig=Cg0ArKJSzHnDpBODx6qGEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 3561 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:49:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
38160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:49:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3561 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:25:28 GMT
5162135182230173113
tpc.googlesyndication.com/simgad/ Frame 3561 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5162135182230173113
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be210deb440885f06dafbb7ea741e0eb7f15a8d3a8b1b8ad3c778709fbac2aa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 05 Jan 2025 07:48:20 GMT
date
Sat, 06 Jan 2024 07:48:20 GMT
x-content-type-options
nosniff
age
257828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88298
x-xss-protection
0
last-modified
Sat, 16 Feb 2019 22:37:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 3561 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwzM05crGon3L7bru0vXh4Dg_brGyMkxQ3eD6LpaOcThYB5fxgBWPKdHSuVH7cAbNm4B9uIHbVsoX0Eu--aY3BobhxrQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 2096 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCf5U5tmJKDC_JZFZB8DJLWcyoCwOODtSmvcP6nHoVlJKYq8DARl3n4oDQPTxfkI7sIA8K1mj8uqwKMO3NaLunOFDOFdE2Dk1oH5wo53Gu3tQFkgPZ0epvDRdKuJ9vzgWSYOjQMvRVDPZhxWR98OD1joBrJ_069cMKHiKZ146cv5dL94L-ibd39LZyrWQBk6HetMIE0RzfHmh2fAivZA_w8ccRAEJIRXfKsiY2xeaxpV_oS04Nrx-mi3MGlN6IqSGttuPqoae0vjRcXQwrZtikRcjQYDij49eZtO1qy7DceuVyrIcIZVSLO_xbh21JFJE_3-tdav7_JyG3spaEP8vxV7R2bxCKZgd5pJVGHjwn5a2o5UQhWmLWPVqBIWX7KrZnda48wqWUI0nahhp3XyP7SZLYf4vInAeXTVbgO64Fem5nD_lJ_ho&sai=AMfl-YQZKK1-ogFgR1abLOWcNNTkznhtXQUnxApZqJvBrXu9yyVstg4z5MEKkZ56TL1ZyLruZ3GseA80iw14npy58pc4VYla8QWLaEE5WNW4NJvvVhLmu0RLXiV4HYM2NAM&sig=Cg0ArKJSzKHNU23jYr-GEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 2096 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:49:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
38160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:49:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2096 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:25:28 GMT
15558460583227675712
tpc.googlesyndication.com/simgad/ Frame 2096 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15558460583227675712
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7954c46e7d76a02168b257a49d06133db2dfbaef4e38d7299abc4e80abeeadc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 00:22:25 GMT
date
Tue, 09 Jan 2024 00:22:25 GMT
x-content-type-options
nosniff
age
25383
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88015
x-xss-protection
0
last-modified
Sat, 16 Feb 2019 22:40:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 2096 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfk6Az-c6-z8wBLCzOyqwR1HENznoGnUGeMwYddCGpJfRgkquTXNlAtSeba6nB5emtwhE1mfDXpfjj3ITlA1i1JDJdBA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
css
fonts.googleapis.com/ 		1 KB
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 05:42:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jan 2024 07:25:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BC61 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=54974
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 09 Jan 2024 07:25:28 GMT
expires
Tue, 09 Jan 2024 22:41:42 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 81C0
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=d1621fbd-88cb-0eff-0969-aa600e92ace1
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=d1621fbd-88cb-0eff-0969-aa600e92ace1
43 B
847 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=d1621fbd-88cb-0eff-0969-aa600e92ace1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 09 Jan 2024 07:25:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-id
-9Plkc1esKg8w5O4m7SPiJBPN0bjQwJxyP47ZUfbyV6MvPvUafu3WA==
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:28 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=d1621fbd-88cb-0eff-0969-aa600e92ace1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
x-amz-cf-id
PmxBgqXS-56Q1yn5zc28tiNCNxcdE93QCzCYX4BX152Q5e_Nc54lYQ==
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
liveView.php
live.primis.tech/live/ Frame BFCA 		64 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1YmMmMwE4ODJwOTMjMwAjMDA5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqNrx16SXuPRGq5WXcerx1ESXqNREF3T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME9EUTRNQXA5LyBON0qMN3NIVFufWGy5Vx5jVU1nrXukqwt5MUJ6M05bM2uUOGqdWGcHnU0zqzyxX2NioaRyoaRsnWQ9NDAmODt3MSZ2nWRsY29hqGVhqF9xZXNwPU9uqG1yYWjeQ2FloWVfnXRuplZ2nWRsY29hqGVhqF90nXRfZT1PYXRgZWFfK0Nupz1yoGy0YXMzqzyxX2NioaRyoaRsZHVlYXRco249NmpzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzrD00MDAzrT0lMwUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3Lz5ipz1uoaRlYW5mY3JcpHQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmElRDMjMmx1RwMjMmx3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmEmNwM2N0Q3QwUmNwQmMmY0MmM0QmZEMmU3NwYmNxQmMTY4NwI2RTUlNmx1OTU3MmU3QTU5MmM0QTpjNwM0ODUkNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5ho3JgYW50pzFhp2NlnXB0LzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9MmUhNwE2NCZaZW9Mo25aPTEmOS43NDI1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTQjJTNBMWUyM0EyM0ElZSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDIkJTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwU5Y2Y0ZTplYmYmZvZwYaVmqGVlPTE3MDQ3ODUkMwt1Mmp=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9d85df6a99b3005d6e56743b7385026d1d376d377afba738b946f702a4a53726

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
7531
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
YYXmmHXOgHfS_nVpJ0mVThC6mKX6d9HjNX4PZdCTyAW_gwZChSLXrw==
liveView.php
live.primis.tech/live/ 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTpjNDp4NTElNlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5ho3JgYW50pzFhp2NlnXB0LzNioSZmqWJJZD13q3phoz9loWFhqHJuoaNwpzyjqC5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwM0MxQmMDMkMxQmMDM5NUYmMDM5N0Q3QwpmMmEmNTMjMmtmOTM0MmYmMmqEN0I0MmMkMmYmNwqEN0I1MmY0MmM2NDMmNEM2RDM1NmY2MmZEMmE2ODYlNxU1Mwp5NTx1NmM1N0E1OTMmNEE3MDYmNDt1MTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImMwM1N0Q3QwY2MmE3RDqCNEMmNmM4MmxmODqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBNDAyM0EkZSUmQSUmQTJyJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTI5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTywZwRyNmJwNwNzJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MDQ3ODUkMwt1MTtzqWyxPVNyn2yhZG9TUGkurWVlNwU5Y2Y0ZTp5ZWMlNCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phoz9loWFhqHJuoaNwpzyjqC5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9nWykJaB4nWQ9ZzI3YTU5ZDByOWU3MWMkODYkMmQ3MmE5ZGMkM2RyMWQ=
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Ymifs7ZlsvWFIVQKcYNWC-GHwft8qyBVeST9o6AquqisoLGDTG6nkw==
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame BFCA 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.22235.space.105129,adsize.400x225
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=4799ebae-c07a-47eb-9a10-229473514984&google_hm=NDc5OWViYWUtYzA3YS00N2ViLTlhMTAtMjI5NDczNTE0OTg0
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEuPZXSndMkue6lRDnhvq0g&google_cver=1&ssp=sekindo&bsw_param=4799ebae-c07a-47eb-9a10-229473514984
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=4799ebae-c07a-47eb-9a10-229473514984
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=4799ebae-c07a-47eb-9a10-229473514984
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=4799ebae-c07a-47eb-9a10-229473514984
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
7IlxJCI99MzX7AJcKiagwgNTZhsO2gH7g4xrj6D4-gLzQQYPtR6InQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=4799ebae-c07a-47eb-9a10-229473514984
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
5xOTTxWgOzWSBZ3FbnpI7EcRoNEE7iwe5Nh2xphNpey1ezwmCMMBfg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=7cc5b1f4-e9b9-40a7-80e0-1002c3307362&gdpr_consent=null&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=7cc5b1f4-e9b9-40a7-80e0-1002c3307362
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=7cc5b1f4-e9b9-40a7-80e0-1002c3307362
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
mXsXhL8PiqYJYB94cWKVwJatY64HOjCfsFhIM5rW9i7K3eQk3DtxMg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=7cc5b1f4-e9b9-40a7-80e0-1002c3307362
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
G1e51p6ewQ6XyWHh37UcWaBmvgFOdP1cOJlHIRokdppulBpwARIYgg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZZz06Og13FvJmt7L2nqK1gAA%265445
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZZz06Og13FvJmt7L2nqK1gAA%265445
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZZz06Og13FvJmt7L2nqK1gAA%265445
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
046uEQat53ysjbMJP3zC6QkF_i2dVZ9fojR5oIVUYNDPXeVxOisjfg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZZz06Og13FvJmt7L2nqK1gAA%265445
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LNH2w16ke0kRPJ7yVz6NYNlT4ueFyJ-EHYhwN9W60flyHNLwF_K_Lg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=3985768900622816671989
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3985768900622816671989
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3985768900622816671989
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
G7-LsN66BO2Ig0SUcYvJIlNZRrofRdoihN7tN9P2nIE6nJ11B2ngBA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3985768900622816671989
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0pGbHWl39ruljGgn-MemDVzCjJT2YHsGEAHs2UUIUm9FM5hh3FjzlQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR611SKG-F-I6SV&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR611SKG-F-I6SV
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR611SKG-F-I6SV
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
mM8gMRFokwZyEpPREv7x8rUgoGtirad9EtT6lM8d2F6AtU5VhjJ2KA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR611SKG-F-I6SV
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
xmDW5_lRElbZwheUVAyeCf_2vlwWj382gDljmqAn5M3HMh-vRVuY1g==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-iYxNIulE2uL8pnDkDB8oorjfO_NmFtD5~A
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-iYxNIulE2uL8pnDkDB8oorjfO_NmFtD5~A
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-iYxNIulE2uL8pnDkDB8oorjfO_NmFtD5~A
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
novbjH9z12WKLzOOTW-Y_SmlQgLMB0fhPJopWiwrRUR65P3zWGbUcg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-iYxNIulE2uL8pnDkDB8oorjfO_NmFtD5~A
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LdG4ktOKwjPbKBnxYjaaTOBHpAKRNlmt3TLvMjpJzfkvCknkmqMhpg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=1dff9ae3716e42868936ec61c6e83d66
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=1dff9ae3716e42868936ec61c6e83d66
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=1dff9ae3716e42868936ec61c6e83d66
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
g5MVpyoQclQ-cAFUBQhGutqyf84FqIdVM-kloXx1HPLo6-dQIPLb8g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=1dff9ae3716e42868936ec61c6e83d66
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jOlit1BK7tDpGicErxpxKdav9C9_EyZDrGqsJnJVdNIj6KDDWQ4s5Q==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=659cf4e72c63f&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3477867281272444000V10
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3477867281272444000V10
43 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3477867281272444000V10
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 5383a3a3cc7bce128040f7b69eb4bc38.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
1YR3Bue2I-LPKijupfJOVjwnbOPtap_-KoxK7x8yBac9ALtReKqwtg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3477867281272444000V10
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
EU2TDauDYJ3yHNe9IK7Cz5w_Tf0NvD9nh7MIy6o653aCLuwQJ9gnlQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=H9hdBLZHYS3hASfSTXOna_W_
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9hdBLZHYS3hASfSTXOna_W_
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9hdBLZHYS3hASfSTXOna_W_
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
g5LGcVwJdS9ZoQtFqGg5ObPUKaB6FsDLpwYPWSCuFHVYi6SnQrvBlQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9hdBLZHYS3hASfSTXOna_W_
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LW4Y1hX-EA6tvI7BcgWBgHZRZXqax7L-nuCNbD-0Yz9WmPJ3USZwlA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=adb911b6f5223de0bf4b614593e5f4&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=adb911b6f5223de0bf4b614593e5f4
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=adb911b6f5223de0bf4b614593e5f4
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
NE5QkTBFmdo6u5W6yMVLjgOPYr6CqQCF4zIeYD03WkThkBJ2v5ZCnQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=adb911b6f5223de0bf4b614593e5f4
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
9o7Ei16441YKTgC38vzHcELJD7LrpDHKCPfdRQT7PHuus0iznFDSMg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=d49758ed-d19a-4b2e-a25a-ce6b218d9546
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=d49758ed-d19a-4b2e-a25a-ce6b218d9546
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=d49758ed-d19a-4b2e-a25a-ce6b218d9546
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Dl2rmpCGeBDQLBNbcX393xFTARc8q_fq_gulmFH2Tmgywa4HxjYPSA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=d49758ed-d19a-4b2e-a25a-ce6b218d9546
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
r-AGGLN0ehbVOt1eYHCekaeFs_HqsLQxxjwKq4axjNO3RT1SnFTsCQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=4995439349706841471
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4995439349706841471
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4995439349706841471
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
XWKxleLQ7ig9imAYTHtYbGEizOrr5DxO2Zrx5eeCXcuOu_H-ugpfMw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4995439349706841471
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
v8xVWDiZZgEDJ-vSDMYgzWXWu63Sf85CGpgfjAyrkYZj6IhHZyC0zw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=143&advUuid=4211865590473351281
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1697769766&3rdpcid=4211865590473351281
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1697769766&3rdpcid=4211865590473351281
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
xG5bXGzXIm1LAr725WVTwnfodSFKkUkjK3_i04Xcs3ydvAKSLzh13w==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1697769766&3rdpcid=4211865590473351281
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
pSLgyY2IoXuhjGamzfxamEhbLzRYB1S4Ns_n7sP6g0Tq9MDSc_YN7A==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=256397b9-b916-422d-930d-65bf42cf8abb&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=256397b9-b916-422d-930d-65bf42cf8abb
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=256397b9-b916-422d-930d-65bf42cf8abb
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
mdsfeO72G3PYKaiTEmG4uHnq5cxZ-uzPZd-MGVCr6V1EeQdx2vRtLQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=256397b9-b916-422d-930d-65bf42cf8abb
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZLfS4GCiGM9OaF29P2E96ngaIhNnL9QnupkyHrq29J1qQTa9EiigaA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame BFCA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1704785129382
  • https://ad.turn.com/r/cs?pid=45&rndcb=1429303648
  • https://sync.1rx.io/usersync/turn/7001959693255496791?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-3c...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
i4tOEtqTtbaTsxBMdC1fDTgouV48G7n4-ZVobVq59HHKNeN9Bc6_Lg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ugH-YNMM7dhd3JIEZGCN7VxSuRbzmBG09qxE-Fv9NGlmvXj_3LESNA==
vid6585c3321882c930200009.jpg
video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/vid6585c3321882c930200009.jpg?cbuster=1703265079
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.129.130.39 Dallas, United States, ASN396949 (CLOUDWEBMANAGE-TX, US),
Reverse DNS
Software
Tengine /
Resource Hash
824136cfb19ecaf39b37a1dc0058de7fd0ec77583cead5f10397685ad3bd597c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront), 1.1 5d0a88af49a781b58b15e42d6f27f60a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, DFW57-P4
age
28208
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
28167
last-modified
Fri, 22 Dec 2023 17:13:15 GMT
server
Tengine
etag
"8f799a5f0c1703de10423a9ee34eb672"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=172800
accept-ranges
bytes
x-amz-cf-id
5IIbwUCEFrvKo3zFgJvzHhRyQQCjVON9zZ3ngRlCUMzhzBgpfeDBDw==
expires
Thu, 11 Jan 2024 07:25:29 GMT
truncated
/ Frame 3561 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebe2589b08c0da03f07408fa93830a50a5065a5a5ac744208c62df3a55233529

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2096 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8bd4f7f60bd5866c47163d2c0ecd3bfd3aae969bc0c0345aec523146606c98f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
liveView.php
live.primis.tech/live/ Frame BFCA 		98 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1YmMmMwE4ODJwOTMjMwAjMDA5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqNrx16SXuPRGq5WXcerx1ESXqNREF3T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME9EUTRNQXA5LyBON0qMN3NIVFufWGy5Vx5jVU1nrXukqwt5MUJ6M05bM2uUOGqdWGcHnU0zqzyxX2NioaRyoaRsnWQ9NDAmODt3MSZ2nWRsY29hqGVhqF9xZXNwPU9uqG1yYWjeQ2FloWVfnXRuplZ2nWRsY29hqGVhqF90nXRfZT1PYXRgZWFfK0Nupz1yoGy0YXMzqzyxX2NioaRyoaRsZHVlYXRco249NmpzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzrD03MwAzrT00MDUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3Lz5ipz1uoaRlYW5mY3JcpHQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmElRDMjMmx1RwMjMmx3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmEmNwM2N0Q3QwUmNwQmMmY0MmM0QmZEMmU3NwYmNxQmMTY4NwI2RTUlNmx1OTU3MmU3QTU5MmM0QTpjNwM0ODUkNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5ho3JgYW50pzFhp2NlnXB0LzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9MmUhNwE2NCZaZW9Mo25aPTEmOS43NDI1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTQjJTNBMWUyM0EyM0ElZSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDIkJTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwU5Y2Y0ZTplYmYmZvZwYaVmqGVlPTE3MDQ3ODUkMwt1NwA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4aa0edc4e4301bf988655f910232bc0138ab0203b700ef7c01e226e090cf0290

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
11016
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
-v-smRgwILGxFluBBG_zHxYktP1atmC_fD3KG88snPzwWDqjx6Dy9w==
liveView.php
live.primis.tech/live/ Frame BFCA 		97 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1YmMmMwE4ODJwOTMjMwAjMDA5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqNrx16SXuPRGq5WXcerx1ESXqNREF3T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME9EUTRNQXA5LyBON0qMN3NIVFufWGy5Vx5jVU1nrXukqwt5MUJ6M05bM2uUOGqdWGcHnU0zqzyxX2NioaRyoaRsnWQ9NDAmODt3MSZ2nWRsY29hqGVhqF9xZXNwPU9uqG1yYWjeQ2FloWVfnXRuplZ2nWRsY29hqGVhqF90nXRfZT1PYXRgZWFfK0Nupz1yoGy0YXMzqzyxX2NioaRyoaRsZHVlYXRco249NmpzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzrD03MwAzrT00MDUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3Lz5ipz1uoaRlYW5mY3JcpHQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmElRDMjMmx1RwMjMmx3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmEmNwM2N0Q3QwUmNwQmMmY0MmM0QmZEMmU3NwYmNxQmMTY4NwI2RTUlNmx1OTU3MmU3QTU5MmM0QTpjNwM0ODUkNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5ho3JgYW50pzFhp2NlnXB0LzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9MmUhNwE2NCZaZW9Mo25aPTEmOS43NDI1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTQjJTNBMWUyM0EyM0ElZSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDIkJTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwU5Y2Y0ZTplYmYmZvZwYaVmqGVlPTE3MDQ3ODUkMwt1NwE=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a12387bcda7d3ea874cd9930ef36f19d9258cc712394237e4be8bdec48dcc385

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
10997
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
AwS1uteGu6HPyuBBvMpbtKfl3I0702n0cZcDEBnzBRyeO6AJA7opbA==
liveView.php
live.primis.tech/live/ Frame BFCA 		64 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1YmMmMwE4ODJwOTMjMwAjMDA5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqNrx16SXuPRGq5WXcerx1ESXqNREF3T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME9EUTRNQXA5LyBON0qMN3NIVFufWGy5Vx5jVU1nrXukqwt5MUJ6M05bM2uUOGqdWGcHnU0zqzyxX2NioaRyoaRsnWQ9NDAmODt3MSZ2nWRsY29hqGVhqF9xZXNwPU9uqG1yYWjeQ2FloWVfnXRuplZ2nWRsY29hqGVhqF90nXRfZT1PYXRgZWFfK0Nupz1yoGy0YXMzqzyxX2NioaRyoaRsZHVlYXRco249NmpzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzrD03MwAzrT00MDUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3Lz5ipz1uoaRlYW5mY3JcpHQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmElRDMjMmx1RwMjMmx3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmEmNwM2N0Q3QwUmNwQmMmY0MmM0QmZEMmU3NwYmNxQmMTY4NwI2RTUlNmx1OTU3MmU3QTU5MmM0QTpjNwM0ODUkNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5ho3JgYW50pzFhp2NlnXB0LzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9MmUhNwE2NCZaZW9Mo25aPTEmOS43NDI1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTQjJTNBMWUyM0EyM0ElZSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDIkJTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwU5Y2Y0ZTplYmYmZvZwYaVmqGVlPTE3MDQ3ODUkMwt1NwE=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ff4cafb9b65b8d737d6e8077e011fdbad534bfe228eadfe9c084a794643caa0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
8437
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
SeLnIz6SDakMHQdlx2fZ-XB5WAinw5cn-SOZWMmLkUUl0i3Kc34LEg==
liveView.php
live.primis.tech/live/ Frame BFCA 		132 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1YmMmMwE4ODJwOTMjMwAjMDA5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqNrx16SXuPRGq5WXcerx1ESXqNREF3T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME9EUTRNQXA5LyBON0qMN3NIVFufWGy5Vx5jVU1nrXukqwt5MUJ6M05bM2uUOGqdWGcHnU0zqzyxX2NioaRyoaRsnWQ9NDAmODt3MSZ2nWRsY29hqGVhqF9xZXNwPU9uqG1yYWjeQ2FloWVfnXRuplZ2nWRsY29hqGVhqF90nXRfZT1PYXRgZWFfK0Nupz1yoGy0YXMzqzyxX2NioaRyoaRsZHVlYXRco249NmpzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzrD03MwAzrT00MDUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3Lz5ipz1uoaRlYW5mY3JcpHQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmElRDMjMmx1RwMjMmx3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmEmNwM2N0Q3QwUmNwQmMmY0MmM0QmZEMmU3NwYmNxQmMTY4NwI2RTUlNmx1OTU3MmU3QTU5MmM0QTpjNwM0ODUkNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5ho3JgYW50pzFhp2NlnXB0LzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9MmUhNwE2NCZaZW9Mo25aPTEmOS43NDI1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTQjJTNBMWUyM0EyM0ElZSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDIkJTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwU5Y2Y0ZTplYmYmZvZwYaVmqGVlPTE3MDQ3ODUkMwt1NwI=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F30397D7B7331353038393436337D7B433136367D7B53643364334C6D3576636D3168626E52795957357A59334A7063485175593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A40%3A1e%3A%3A2e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704785127&csuuid=659cf4e72c63f&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.normantranscript.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=35.6164&geoLong=139.7425&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.normantranscript.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
876dbc70e7dd041dadeada2399c6550b193025e4140bc0f74f7614f1a2b6c263

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
13830
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
z5EBM1YNNErUpR4CzgpReIIbeDMc8FBS8sc3_I2_Yiq2Bt5SNwr7uQ==
ecm3
s.amazon-adsystem.com/ Frame 261B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=256397b9-b916-422d-930d-65bf42cf8abb
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1GCT3NF2R8ZB2K87FJZG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 261B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MjU2Mzk3YjktYjkxNi00MjJkLTkzMGQtNjViZjQyY2Y4YWJi
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.138.179.14 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-179-14.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 261B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.138.179.14 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-179-14.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 07:25:28 GMT
server
Kestrel
content-length
323
Pug
simage2.pubmatic.com/AdServer/ Frame 261B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:18:33 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 07:25:28 GMT
server
Kestrel
content-length
355
v1
match.sharethrough.com/sync/ Frame 261B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=256397b9-b916-422d-930d-65bf42cf8abb&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sharethrough
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=sharethrough
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4211865590473351281&ssp=sharethrough
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=4799ebae-c07a-47eb-9a10-229473514984&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=4799ebae-c07a-47eb-9a10-229473514984&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.138.179.14 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-179-14.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:29 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=4799ebae-c07a-47eb-9a10-229473514984&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Tue, 09 Jan 2024 07:25:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 8F26
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=708312F921DC425A8575B9AF760C19C9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=708312F921DC425A8575B9AF760C19C9
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:28 GMT
redirect
match.rundsp.com/ Frame 8F26 		0
0
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame 8F26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame 8F26
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=J6e8nzE01Rn6uk5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=J6e8nzE01Rn6uk5
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-019419e25e51af8eb@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=J6e8nzE01Rn6uk5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8F26
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZz06AANCqNeaQAM
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZz06AANCqNeaQAM&_test=ZZz06AANCqNeaQAM
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZz06AANCqNeaQAM&_test=ZZz06AANCqNeaQAM
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-nrt-rjtf7700078-NRT
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704785129.857899,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZz06AANCqNeaQAM&_test=ZZz06AANCqNeaQAM
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
u.openx.net/w/1.0/ Frame 8F26
Redirect Chain
  • https://sync-axelmark-dsp.focas.jp/sync/opx
  • https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=zAPD3yeXdsBxnxgR48yuHBbjvml5FetnRHx22yzRMcqgu6z4
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=zAPD3yeXdsBxnxgR48yuHBbjvml5FetnRHx22yzRMcqgu6z4
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
vary
Accept-Encoding
content-type
text/html
location
https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=zAPD3yeXdsBxnxgR48yuHBbjvml5FetnRHx22yzRMcqgu6z4
x-cloud-trace-context
229fddbd1cac657a9c897e1ee7b72a2c
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
openx
tr.blismedia.com/v1/api/sync/ Frame 8F26 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame 8F26
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=58F7PS01NBDE8006O8qw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=58F7PS01NBDE8006O8qw
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=58F7PS01NBDE8006O8qw
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame 8F26 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=4075640d-da58-cc40-4704-8e177146500a
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.76.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-76-12.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 8F26
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=myx19p-sU3h8tHODeScjhZJGydQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=myx19p-sU3h8tHODeScjhZJGydQ
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=myx19p-sU3h8tHODeScjhZJGydQ
Date
Tue, 09 Jan 2024 07:25:29 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.normantranscript.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:26:17 GMT
x-content-type-options
nosniff
age
511151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 09:26:17 GMT
async_usersync
ib.adnxs.com/ Frame 56BD 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
an-x-request-uuid
811383e4-c3aa-421a-8faa-11fc44792325
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CE37 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e737940b4c53b8765c5b403da9014428d0f203f10dc6bde09f2b9760acd17d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842af24e4f65af7f-NRT
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 07:25:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocR0Um%2FX9WrIlO0WpwXnCn5NWv4wOqYaTjj%2BQoB3smMAKTgxdUGb7djXzsxihe20oNEBsXerOhMcSrDv3fupGyBZn%2BaRntp0QkHCYmiH9O4%2Bd2U8LxYw0FSF%2B9r8BD6%2FLuXK%2Buymz6xOrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2lr611qegPHxdYpLFAE,7S9I3Z5wjH&aa=01CihRyu.gN&b=2:2,14,0,0,0,true,0,,0,0,U466a466e8718a55,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&b=2:2,3,0,0,0,true,0,,0,0,U486e41c87c3e4d1,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&b=2:2,11,0,0,0,true,0,,0,0,U49dc833a349efc1,adb_floorboard,%2F9869277%2Fcnhi%2Fthenormantranscript%2Frichmedia&b=2:2,6,22h8pxy,10rpxnh,1rikkz8b,,236vghz,8c`6y,1rikkz8b,236vghz,U437129712f5ca35,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&b=2:2,7,22h8pxy,10rpxnh,1rikkz8z,,236vgi2,8c`6y,1rikkz8z,236vgi2,U47b5bcee3def621,adb_mediumRectangle_btf3_flex,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.normantranscript.com%2F&d=&f=1.lr611o05.1T1vg.2T2k7&g=2T40z&u=f0278789:lim1hwav:3i2&v=18g.xc.0.7c0.1.0&m=z&zi=adb_leaderboard_mid,totalaudience,14,U466a466e8718a55,adb_leaderboard_btf,3,U486e41c87c3e4d1,adb_floorboard,richmedia,11,U49dc833a349efc1,adb_mediumRectangle_btf2_flex,6,U437129712f5ca35,adb_mediumRectangle_btf3_flex,7,U47b5bcee3def621&z=0,1,2,3:.,1,1584x0,dr,23gt.0,2jh,0070&z=4,1,5,6:.,1,1584x0,dr,26j1.0,5lp,0070&z=7,8,9,a:.,1,1600x90,dr,4uu.0,k,0070&z=b,1,c,d:.,1,2,dt,23ho.0,2kc,0072&z=e,1,f,g:.,1,2,dt,24rc.0,3u0,0072&rnd=1704785128745
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.196.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-196-6.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3561 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGA_uD91WQ9rwwF1hsZuir9yKwQZlalcuumvUyaSeLoXjPXC21qnq4Bg5KIVHuXZBGYgNzCkx3Fy9QMWS5zCILIq_YTDxQKiInT9c_FjqWlrcS0rTvQ1dMAXmXzFLL532cNsVlbt5RTuNUGzmOFuLkREQDlTpCF917e51-4piaQZCx1XHV-Py1HnnKGEvfTO7p7gCmZ-boX_ys8-w06VfGl-AoXVDbRTu-_rmYB_x1dY6aJc-2B8_LiTK40nHzHuApYWATJSXCY9_a8l9UUhj7eF8iHxpRBESjmI-HKe-ynmQw5qGWaB0RDmChgRWSZc2wS9xu_xnuxLMDG4-kK7ZU5_OgdgFIxBfVpXm05hQwcPFYoHfN0zZwxjeYuH0jwk55dtro6eVlwQZc14emhA_JuoVb30mw9C7Rh9A&sai=AMfl-YT8qrBP_05vXTFTdE5hdLubEKsHvX3p6BUfA--QaMpD8tQ_yC80U3dZdmclgu4ouuQTwogOC17CDYnJQtgCd6ouc_rK4197UAaUq0CudVu2rmJF2Tt_x-yhjBwY1QE&sig=Cg0ArKJSzABFkNU4wPJeEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:28 GMT
crum
dsum-sec.casalemedia.com/ Frame CE37
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZz06Og13FvJmt7L2nqK1gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO-TO6T57lHSokgheuxGtUs&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO-TO6T57lHSokgheuxGtUs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdPyPHnzWgbY7bAQo%2BZWz27D%2F1A1l9Ck1NYJSCjr4QpwVo9ewkrW1rB8hcj66K5F73PmwJ%2FMONfnEpw0Y7%2Fm2EU%2FBh8B4jS%2Bt2dhpNGZw8jOMS0MJYlSIn1i11em2bAO0Y6YYoFPxosvqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af24f3858af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO-TO6T57lHSokgheuxGtUs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CE37
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2338458340105893363
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2338458340105893363
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1IJ8rmlwJksSyhG2S1sLIB7juA9Hy2yHQeRIJHgP6SjWuA%2Fdoz%2F9s6ZpEToBlekdn%2BVlUAin5LVPmAuixa%2FqOknH8ujcqyceKYxm1D27vdmJXptRZOmuuSsdUZ3roAZ4hFcxK5qNFxPsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af24f4867af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
an-x-request-uuid
bb8f8766-6010-442a-8ddf-0941bf38b1ed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2338458340105893363
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CE37 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a01:4f7c:de84:79b9:a7e6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CE37
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2406:da18:929:5a01:4f7c:de84:79b9:a7e6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB
date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame CE37
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=myx19p-sU3h8tHODeScjhZJGydQ
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=myx19p-sU3h8tHODeScjhZJGydQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFG7SwOf%2BDqxZlk8i4FFO5JjwnHBKdLX0teoIeJiDivzJn0ECe%2B0UEAO1rcWaLb5jlA6M7m1o2nlHdpVWo3ntepFv7LN%2FYNL06JTRjyMJq%2F%2BssYpkvUeIY8t6Z1GcMUeXYb7EmpqN8aeGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af2530c31af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=myx19p-sU3h8tHODeScjhZJGydQ
Date
Tue, 09 Jan 2024 07:25:29 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
ie
match.prod.bidr.io/cookie-sync/ Frame CE37 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.213.237 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-213-237.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CE37
Redirect Chain
  • https://dynalyst-sync.adtdp.com/cookie/sync?pid=43
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYztHK1_qfYWqrdw2HI
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYztHK1_qfYWqrdw2HI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lak6IpZCR6F%2FCokADt2SdR5%2FaKa%2B2xqDiUvff8OzNWg4i8QsYmoieMBC%2F35gDlHZ5nu2Qn2VcD4DYTFHe1Dro2hkn47%2BWimdS5De0M0jGH4xCbxvd7ZuUv30CCPzAgZlOfxyS9j0Sqkr%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af24f3857af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYztHK1_qfYWqrdw2HI
Date
Tue, 09 Jan 2024 07:25:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame CE37
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5333a222-cac2-4a3f-8cc0-09e88e506348&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5333a222-cac2-4a3f-8cc0-09e88e506348&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZbV%2FhJe9fv8bsltU1Z1ruohJ5qne%2FrN7COXeH3cVFCzx3J9Q36kjnx133ui1GxbSjSjtjl%2F1YP524KGSMmYgKwAAQAP0kH3vDJMjxdpT50In1yIaKyPNQ3wPWUQyvWDY9VicxSEaZjpGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af2521b2daf7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5333a222-cac2-4a3f-8cc0-09e88e506348&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Tue, 09 Jan 2024 07:25:29 GMT
server
_
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame CE37 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZz06Og13FvJmt7L2nqK1gAA%265445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
42085
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
842af24f18e2f64d-NRT
content-length
43
expires
Wed, 10 Jan 2024 07:25:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2096 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsC2Q1o9kkz_yapNagRRylMaFBBAgkL5_GtqafZYUa1uN6IYACA3JDnArjdOmQF-QnCDccFwMwzHtlxv_J56HjFbwwQ8Yo9S6vDc25XvI9ea0Rpor675-mxzeEkxNn8oJ4zmcBs6RNSsdTqWG7WT05QK3NOkIIfFxyaWcvGSpYF-f-I5uY-45Pvpcu3tOGLAfmoJAdFrihhP1fge0wkwjMHXqtyuubbS9zJhkOMvLd6fvLeu3uLok1afs8HYkTMTVZ3LABLBjDo1LH8Wb8a8BRVtwVSpt1A8PBKZvksgwWogrr3qLLQFtZrZ7CkqQP1VbCG7xe8Sm0VvyH-Bowq0OnEyCEkj_3nDvAW35ehOgJt9egLYRjHZAezi3_e5GO5wyTFm6h0SoLU7q50WMkkdiJQ-g-KwESx8speK0&sai=AMfl-YQGFWFu3nK2X0X3iSEWpkw86L5SPagSrEOIlnPHFX6Hu--Wn7BHqSWS3vhtbRGWLiNV1Q9rqsD4CAVGiSCU6R9-n3dCzqXpbbHyApQM_OcltFOzUvBHrieG0_MWjv0&sig=Cg0ArKJSzLuHaNnLQ4bREAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:28 GMT
ecm3
s.amazon-adsystem.com/ Frame 4C08
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LR611RYY-P-CY9Q
  • https://s.amazon-adsystem.com/ecm3?id=LR611RYY-P-CY9Q&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR611RYY-P-CY9Q&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PGD39VRVPR2RW8H8CVG7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR611RYY-P-CY9Q&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7BBD 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFf6fD5BEMKmb2epa7KoSwUssEXSJkINtDTVfnm0sVr4v67nNCIshbVtx-LRUqLyYUogoVkL4GlSAWK7Fmapw9EglePhq8Vrzre6N6odxihqx8eYM2PRSTQw5gtFrAPN180EJZLMJHJZR7T0PaXxBM7fgD&sig=Cg0ArKJSzIg8RKvVeFR1EAE&id=lidar2&mcvt=1006&p=516,1180,766,1480&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1574365208&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704785127669&rpt=219&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4C08
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=&expires=30
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=&expires=30
date
Tue, 09 Jan 2024 07:25:28 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 4C08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6ySFbsbF0hmvQVqN2uJ6I&google_cver=1
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6ySFbsbF0hmvQVqN2uJ6I&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6ySFbsbF0hmvQVqN2uJ6I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4C08 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6HZK15WDJFBVWD4HHCDH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4C08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LR611RYY-P-CY9Q&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR611RYY-P-CY9Q&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
58P1CXKW3ASATMM715DB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR611RYY-P-CY9Q&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4C08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODAwYWU2MDc2ZTkyM2YxOGU1YTA0YjZkYWY4MmFlZGRiMDAyNGFiZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODAwYWU2MDc2ZTkyM2YxOGU1YTA0YjZkYWY4MmFlZGRiMDAyNGFiZA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODAwYWU2MDc2ZTkyM2YxOGU1YTA0YjZkYWY4MmFlZGRiMDAyNGFiZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 4C08
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=O277NyG4QeqZ5x9tFO943w&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=O277NyG4QeqZ5x9tFO943w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=O277NyG4QeqZ5x9tFO943w
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TZS7EBF2QGZSKFZXFD0B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=O277NyG4QeqZ5x9tFO943w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4C08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI2MTFSWVktUC1DWTlR
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDwYilJTh0gjHemzDzMf4AY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2MTFSWVktUC1DWTlR&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2MTFSWVktUC1DWTlR&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2MTFSWVktUC1DWTlR&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 4C08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zuUZ1gv9g1NkTmLAKiWzOg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cFUK8Q5E2oL33nkaGLmVTcQkdPVymuzYbhIyHQ--~A
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cFUK8Q5E2oL33nkaGLmVTcQkdPVymuzYbhIyHQ--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 09 Jan 2024 07:25:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cFUK8Q5E2oL33nkaGLmVTcQkdPVymuzYbhIyHQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 4C08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR611RYY-P-CY9Q
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR611RYY-P-CY9Q
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:28 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1B96CAC9D98C4E8182A7FC2C7F1B205C Ref B: TYBEDGE0517 Ref C: 2024-01-09T07:25:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOfjgORXQeqgkhp/AmgQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR611RYY-P-CY9Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rp
match.prod.bidr.io/cookie-sync/ Frame 4C08 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.213.237 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-213-237.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 4C08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LR611RYY-P-CY9Q
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LR611RYY-P-CY9Q
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:29 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LR611RYY-P-CY9Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
Expires
0
pixel
capi.connatix.com/us/ Frame 4C08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LR611RYY-P-CY9Q&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LR611RYY-P-CY9Q&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LR611RYY-P-CY9Q&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
842af254486a25e9-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LR611RYY-P-CY9Q&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
842af2536f7425e9-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
tap.php
pixel.rubiconproject.com/ Frame 4C08
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c1eb2d68-80e3-499c-9826-555c8a5797c5&expires=30
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c1eb2d68-80e3-499c-9826-555c8a5797c5&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c1eb2d68-80e3-499c-9826-555c8a5797c5&expires=30
Date
Tue, 09 Jan 2024 07:25:29 GMT
Connection
keep-alive
X-CI-RTID
1323dc26-7d1b-480d-9546-1af1692964d3
Content-Length
144
Content-Type
text/html; charset=utf-8
receive
pixel.tapad.com/idsync/ex/ Frame 4C08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR611RYY-P-CY9Q
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR611RYY-P-CY9Q
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR611RYY-P-CY9Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 4C08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR611RYY-P-CY9Q
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR611RYY-P-CY9Q
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR611RYY-P-CY9Q
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
MmaMUQ4OLQo8aDsQbLXXuYMnoAm9h32Qz_-PvQlie5Ihp974HfveGw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR611RYY-P-CY9Q
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
zaohjVlPxFXX91G30iezAJh0NF7suHRQMQKkE_Kvzzs7ismLDmFaRQ==
setuid
ib.adnxs.com/prebid/ Frame 4C08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR611RYY-P-CY9Q
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR611RYY-P-CY9Q
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-Azerion_n-baidu_n-Beeswax_ox-db5_smrt&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
an-x-request-uuid
b9b49319-249b-4c8f-9089-2c9013c27645
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR611RYY-P-CY9Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
Expires
0
/
adspsp.com/pt/1710310/15/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/15/2/?a=2,a2lr611qegPHxdYpLFAE,7S9I3Z5wjH&aa=01CihRyu.gN&b=1:1,2,U296dd8e7ef475d,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&b=1:1,4,U4ff9017041e222,adb_mediumRectangle_atf,%2F9869277%2Fcnhi%2Fthenormantranscript%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.normantranscript.com%2F&d=&f=1.lr611o05.1T1vg.2T2k7&g=2T45x&u=f0278789:lim1hwav:3i2&v=18g.xc.0.7c0.1.0&m=z&zi=adb_leaderboard_atf,totalaudience,2,U296dd8e7ef475d,adb_mediumRectangle_atf,4,U4ff9017041e222,adb_floorboard,richmedia,11,U49dc833a349efc1&z=0,1,2,3:1,1,bj,44c.0,k,004s,bk,44c.0,k,004t,ep,44c.0,k,007y_1360x130_k.2y.1mw_1&z=4,1,5,6:1,1,bj,4ec.0,k,004s,bk,4ec.0,k,004t,ep,4ec.0,k,007y_2_k.2y.1mw_1&z=7,8,9,a:1,1,dr,4uu.0,k,0070,dz,4uu.0,k,0078,ep,4uu.0,k,007y_1600x90_k.u.go&rnd=1704785128923
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.196.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-196-6.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame CD8B 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwmNBJc-MnW010wyPZivUPr5s50tfJl8hqA4_VxMcBOKoAeN7LYrdKsp0eCOgbQrNkjirGwaRBvmeiH_5vM_fkv19EQ7b6v6uOWmGJB5599GmKaCo0K6EpzcTcJUpgK5lOldn0itK61xLwV5zjC8ZzK2Ue&sig=Cg0ArKJSzI20Dm0TOMwdEAE&id=lidar2&mcvt=1008&p=176,436,266,1164&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3944135043&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704785127649&rpt=278&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame BFCA 		36 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22185e70a7ad5c38%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.normantranscript.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.normantranscript.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F105129%2Fwww_normantranscript_com%22%2C%22adunitcode%22%3A%22adUnit_1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2227ec84bedeaabe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22tid%22%3A%22eca3b233-073c-4212-aa15-f139a3d226b4%22%2C%22sid%22%3A%22720x405%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F105129%2Fwww_normantranscript_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B720%2C405%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C11%2C12%2C13%2C14%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A720%2C%22h%22%3A405%7D%2C%22bidfloor%22%3A0.17%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200021%22%2C%22hp%22%3A1%7D%2C%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2222235r%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b2dc8033-ebc9-493b-9dee-8b273a191a4b%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
676d69fb5c5c64137221079e0738e0a33d64ef61726f73d8bc25a8fa262674e6

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acV5s7hhM7Ipux9yzSwtJO5hXUg68Hr3xjs15sSTp%2FsmNiUQJK%2F%2F%2B%2FBdYzgY%2BYn8nP%2BEYg7BIgguChLJAgW%2FwsZhbEECKC0xHYGX82I3TlvuQSu4vmxSnWJtNRMe7%2FaqsvSk15nm"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
842af250a9c9af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
liveInternalSsp.php
rtb.primis.tech/live/ Frame BFCA 		25 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgWygi27tS%2FwUB9wmE0O1vPpYJ3JM2TYO63QL7EyAUoXMwv1dRvcP8%2Bu1SFEaJnarTripEODEMXmvp0Vj%2FDvWrcIhTILtaDXlruGsq71g%2FFfi%2FjTy87zv1bEVH9eduiH16MukKAGZgJQZmBBUyhSJVN%2Bu7raws%2FQ%2F6%2F1gNT7lT9EJPbYXQj2aQTlN0f9UXvDkQTt7lGzFldVWDm3whknaRW1G%2FPNoEWbn4EdHI97Qt7KnEOTgSCTfi7Mv0Nzltdj%2B%2FEJ6ev0ggvnSAFYcHmq8Q1zivJ0x3ufc6v4J3uByR728MQ0HhKSoCXFpPvjqkMnKblskOMKVSF4CG7oxTM7kg2M4dj7vusKNVAXMNCrR%2FfgT9vNbc9ZEVcDRmHKz%2FxbZTcxMKa743t%2FtMrVHVeuEWorObN5cmDiKiUnsixN6CUWpovIpusWRPgCmRSoCM5oW8X4kB3iUX%2BFAduJCCHuCSdPi5xET%2Ftn%2Bmhv7JN5J%2FbCBiGYscLITIrL98%2BO%2BXw1sdty5J70AN7k3Bq0llaGgHLi0ABM8SL8gzscABZYXWdKGOHK1lvnllYTkLsFDC0FksuqxfwQJoV6vhc50ABCrcmTDyYM%2BtkGDvbd2K0d2BeRA1Vm%2BX8N7i97OKNTgUvQZVHDr0FwPMqbcdL7pSeCFsz4zYA%2FGzbspIP96jxhLHnW35DrbRYxSCXCYyd6qltn4udbrD9kNluNAcnj0sc6KZ3JA1nqmxr75HneSkYXx%2B%2B6nb9qW1haLtaFXpmWfaeN%2FIDrL8arGSlWLIGNsnTVdYHPvhfILgELVO%2Bo62ri6r5JjKn6kx4OROygutHvpYCyeDzjG8FWfooJxiLouuVb%2FUoyfaQ5I4j%2BhIcAFOjeUFgZLuhjUbWiQAFS9OYe0bxAskFpDu0dWcyYpPynwoHNNvkcdNBRV6jOTbxtpFaagurEclaJ1GWZvsZtUuc%2FM8SEPxZm6KpvpTDSe7pe0C7oePodVfbAmOlcLglXC9LEwrov6egQlFzMknGQWmsavktulVvz1rUe6VuhgyQdKM5fFoG%2BlDZqk3bByCCUwYk1xHfAIUHifFpUA4LQCjdnEYVVfARMH21Y4UFA2mjaGw53yO1z41UCxajpvB8LduO8catzC10u%2BIU2YdYj7yqU7Xko5k3Xy5oU1GhkeRTqVodDSYu%2F5pAXA%2FAGWB79k1VHMgG%2FLHOncPjtgjYujf4TPcnRCJ8EJLSySTEZjVngBPtmvJPqhC1A3JnXHNrX1ZFrRuxBMOcjaZzL8tdMsxLz35Z5FszEEgdraGcgYMIK0IEvOS8Z7Ii0alIZ9wd6Jcp13SCzc8UHnjPFuQdjRcKyQh2xsSsJ1nGjw4kV39zwnazFV1j34arAuSdOtdXkqAzdS6R8ikyO454zRZMgZw8MjHu2bIpZ1Zb0ZUofHIygQfIireLrbRT6o3LLNuQVv1h45XbQ8JLoqomJIYZxFzdU%2Bfpdz%2BP%2FpS30WCJ3LeVbIH1wegUrV6eSfwZ%2BHvsM8nl3l1%2FBczURZpi3swaa83KzekJJXgdahs0zI95VLKyjmQ97LvbvFIuSj8W6OSt4ciEPV39uznwHpOlUZdHbYl2Y8CWEeSBGDN5XoyJjDL5X9FtKXM%2FQpBCjTIkRm%2FCKbSrD0Ldice%2FRvcMciFPjYdUuU1A9OpKl9VJjvoyh6v002GDC2fRJzmWSyWJoNlbvlNt0Bq6AWtbyrSMnvYuitNU%2F5RTIzufT0OcaSSDwAy8nLUobKswlyD%2FgrDKZ25P48ci%2F325CWsNa64iH%2B%2FE%2ByVUP3kjq%2BpASzJb8tW3RulYFgGHftD5H%2B1IT%2FCaSlS3pwkW6QMqvXPAc7Tyc8SsqsNKYB%2BrFozM2UUoDh7TTS4f4KIaIRL2HNsZIxHlTAcqU8zcpeuy0by7VttnV8dC0Fvw6XJfWsKG3WSyicq1P27hXUAlyBjm%2B70RNO%2BtsJstoI2pQdUr5UxKIruUixIbKjxTYBlaP1Mbmsxs0WteMk925z%2BZGpn%2B3D%2F3AZ1gDMNiTtJYcq5iDO1Rsoi70m7Br4Ne%2F43rBUadux4Ay4cSYq4BZycj%2F8CiBejilK8Uho%2B%2F21MbnYO%2B6Swo0mwKIz8DgJrtCz9T56kMX2DyONBlwlqHjySyKQJSIzq8jEitRSX%2FkVBvwL35lEymOZkzfjmKCAIBkkwSP1foeq8Y6AR8DvkJCVq%2F6tcCa3PtMckzlIai6rnIdsX7RPS8TQ81InEi%2F386se2pzVTibUTAkTOimuOvQZROQCTi%2FDZApT0DrJo2%2FIiY0mPo7Lu3GQwhAKrHZ4gsGVN%2FmR3%2Bv5nL%2BMkB3ACL21Zo0G8SAmicu6fN8homk%2FyzRL9YFrrIetqP5r%2Fqq1M%2BnpqPEeGAb5rvP5ufx2DCg3TwVjce%2BBOUOhrVhwOW5yTDLovcz2EsY0AVkkOU0Dpm%2BJC9uNjCOkXVLYztVSAq3TaZcT2Gcv4d%2B0qPDvhAsvwa3jis0qjDxhZPDlLJs1CphUD80AqocW0wsPIXAq5uk6G4%2BY4WUM4EVr0IaBWR%2BwTKccUDxr1KNwWCYZZnY2QBKzXeFR5U0TreZnNtnkQCoPSt%2Bsltq25L6s4xVE3u4MdsTXGC9ay%2BZ4ubebiBXhJ1Le4ew9jciWSA2tNQD24Zn7MWjzAQwvuuYo2QZQGjmee%2FjTVwoD9%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:29 GMT
content-encoding
gzip
via
1.1 9bd7c2eb9edb3030488f847c2b13f76c.cloudfront.net (CloudFront)
x-amz-cf-pop
KIX50-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
693jS-ONgEmWXPc63seKTjH8RUK4ON1eEmAf7al3VvJ2wNJGx0n5uw==
ixmatch.html
js-sec.indexww.com/um/ Frame 6083 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
213
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
842af250aa32f64d-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 07:25:29 GMT
expires
Tue, 09 Jan 2024 11:25:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 88D2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36823c4c6d7d3d2ca529127a7310acdf8fdf29275261f4ce17d5a4ecbce083d1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842af250c9fbaf7f-NRT
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 07:25:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzZUFXs0n1et30qEUHFMOsmHUCMQ5AHLKHY1MlaUB75b2TTjRYOpb%2BddlT6xS46xxEGKn%2BEvAqvCnNriiFiUErB3c%2FojX6czN2Fl3xtwHPnPELvl105wj6m6QTRz9DuKpXLsZDn9FQbkEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user-registering
ads.stickyadstv.com/ Frame 88D2 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.99.123.105 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ads11-sgp.stickyadstv.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:29 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1704785129585011-83
crum
dsum-sec.casalemedia.com/ Frame 88D2
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720509929&external_user_id=ed55f341-8669-4275-a151-58331487235d
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720509929&external_user_id=ed55f341-8669-4275-a151-58331487235d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxKfFhnCy1Ig%2BuoT4xbQ7d%2Fvkr0pC7F4nVp%2F2ope%2FemK6CMKUwZFGn4ynaqxfw3DdPOMkLZKmFtkGeFiasUjVxjhmncKGI8fnOdrqcLgJg9aG581VqqReuGf0h0mnTFd83DhfemKq6sYdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af2521b1faf7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720509929&external_user_id=ed55f341-8669-4275-a151-58331487235d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 88D2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=708312F921DC425A8575B9AF760C19C9
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=708312F921DC425A8575B9AF760C19C9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oy9SUxjCxvo4e15AxWGvgrfIzF1%2FZu8xffvH6Bdj15DqKKr44Zg30t7iM%2BQO5lnFziS4HC3oDXgz5bJPjYn558cDZPb8UpBItuf%2BRruttSN568IiuwQv0IBIijk5hGJ2BxIc1ln%2BfSDCOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af2516a78af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 09 Jan 2024 07:25:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:29 GMT
rum
dsum-sec.casalemedia.com/ Frame 88D2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZz06AANCqNeaQAM
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZz06AANCqNeaQAM
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGTq0k%2F%2F%2BLjJlbqMknhzYTNbg2FLuNs02%2B1Tb4xFGecIe1JNFHZYHmbkF9zyTYzgIv7nTbuFV1uQK2B9219HpRr%2BUu7YL7MfA958Qk8A1NVbrqOMTEyMZW%2FHfFg4BaxfKCHPvzvx3SFkSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af250fa23af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-nrt-rjtf7700078-NRT
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704785129.112039,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZz06AANCqNeaQAM
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
demconf.jpg
dpm.demdex.net/ Frame 88D2
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZZz06Og13FvJmt7L2nqK1gAA%265445?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZz06Og13FvJmt7L2nqK1gAA%265445
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZz06Og13FvJmt7L2nqK1gAA%265445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.75.206.175 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-206-175.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-tyo3-2-v051-08a911d3f.edge-tyo3.demdex.com 2 ms
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
0/T6t8PyTQY=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-tyo3-1-v051-0e524ccb0.edge-tyo3.demdex.com 0 ms
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
JM6agQkCQ24=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZz06Og13FvJmt7L2nqK1gAA%265445
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 88D2
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=746ded22e48ffe542jgkeo00lr611rwy
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=746ded22e48ffe542jgkeo00lr611rwy
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPFW9wCxwlGgfIos5P%2BYrTHTrndCDRquTHhZ0rGgpSxiSaf543aLxXtPnfqrMVleehOz%2BmNmeHYhiwWShIlw65jyoBphpfTL2mhfVXSch2DvoUwJ6BmNrFw7FmBdFTPnUSOX3en8pv9%2BxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af251eb00af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 09 Jan 2024 07:25:29 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=746ded22e48ffe542jgkeo00lr611rwy
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame 88D2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZz06Og13FvJmt7L2nqK1gAA%265445
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZz06Og13FvJmt7L2nqK1gAA%265445&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=_wXDy6gr-NxQ8pAod8v40PAQL9C5r9aMWlwcEhkKN_o&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZz06Og13FvJmt7L2nqK1gAA%265445&tc=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=_wXDy6gr-NxQ8pAod8v40PAQL9C5r9aMWlwcEhkKN_o&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZz06Og13FvJmt7L2nqK1gAA%265445&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcNYO2QO%2BA4%2FQnJOt3y8IWk48n8SVtuU%2FqfmBrNpgvklkuPHp39fsf5U1gB4VLeof6xpzofCIP6L84GakjsM2EBqbeb%2BcY7L068daG29C%2Fz8WwMzXhIRfLeQgQR8JxrqEkUEh1PsvfZjvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af2570894af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=_wXDy6gr-NxQ8pAod8v40PAQL9C5r9aMWlwcEhkKN_o&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZz06Og13FvJmt7L2nqK1gAA%265445&tc=1
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT, Tue, 09 Jan 2024 07:25:29 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 88D2 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:22e:4f04:5db4:f8ff:1a3b:fd55 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:29 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame 88D2 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZz06Og13FvJmt7L2nqK1gAA%265445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
42086
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
842af250ea5df64d-NRT
content-length
43
expires
Wed, 10 Jan 2024 07:25:29 GMT
async_usersync
ib.adnxs.com/ Frame 95D3 		0
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
an-x-request-uuid
5fbcd9af-7d8d-4948-b37a-96692608975a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 188B 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time
1704785129394
Content-Type
application/json
X-YouTube-Utc-Offset
540
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/J9oVQ43j22g?enablejsapi=1&origin=https://www.normantranscript.com
X-YouTube-Client-Version
1.20240102.01.00
X-YouTube-Time-Zone
Asia/Tokyo
X-Goog-Visitor-Id
CgtiQy1wSXh0S2lqUSjm6fOsBjIKCgJKUBIEGgAgSA%3D%3D
X-YouTube-Ad-Signals
dt=1704785126934&flash=0&frm=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1030%2C609&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 09 Jan 2024 07:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 56BD 		0
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
an-x-request-uuid
38aa5528-2591-4fcd-8a60-f583cf4b7b97
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PH4H2RP2NP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2951863c221e6e09eaf9677a6b543a2f1201902d3181c6b8d44c83b08d765409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79873
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jan 2024 07:25:29 GMT
/
normantranscript-cnhi-pw.newsmemory.com/ 		88 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://normantranscript-cnhi-pw.newsmemory.com/?meter&service=autologout&ta_MACHINE_ID=892e4503ad86f0faf840aba78be98641&r=1704785129854
Requested by
Host: normantranscript-cnhi-pw.newsmemory.com
URL: https://normantranscript-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=892e4503ad86f0faf840aba78be98641&v=4&r=9075
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.107 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:25:30 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST
Content-Type
text/html
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
88
SPug
simage4.pubmatic.com/AdServer/ Frame C2FC 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:11:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
1.js
normantranscript.com/content/tncms/ads/_popup/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://normantranscript.com/content/tncms/ads/_popup/1.js
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
p
i.simpli.fi/ 		798 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=135926&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/d4955710-4d88-0136-d0af-06a9ed4ca31b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.87.122.136 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.122.87.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
64c9f0123cb2dfcf62571c7c927bee705dbe30955a54f2cdee255de9fe2e355b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
tcx-ping.php
japfg-trending-content.appspot.com/ 		208 B
191 B 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&h=www.normantranscript.com&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2014 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
03b277d30f86e04e46a9195e271d317a1916c96c2757ae42567349e4cc7e6c44

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:31 GMT
content-encoding
gzip
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5623ea31d4c2cf29c75acaff4142d970e1ce7c3b0d827a380bba6c2621def434
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12238
x-xss-protection
0
syncframe
gum.criteo.com/ Frame F511 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.normantranscript.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 07:25:30 GMT
server
Kestrel
server-processing-duration-in-ticks
433285
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=719282103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.normantranscript.com%2F&ul=en-us&de=UTF-8&dt=normantranscript.com%20%7C%20my%20paper%2C%20my%20town&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aDDAAUABAAQCAGAAIAB~&jid=517950933&gjid=1587304284&cid=2123531324.1704785126&tid=UA-3850501-15&_gid=1171950.1704785126&_r=1&gtm=45He4130n71K8STNVv71570408&cd1=2123531324.1704785126&cd4=false&cd5=false&gcd=11l1l1l1l1&dma=0&z=701759334
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
65972e42d424c.image.jpg
bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/e/be/ebe77b6c-ab4e-11ee-bd21-b7ad88ea6046/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/normantranscript.com/content/tncms/assets/v3/editorial/e/be/ebe77b6c-ab4e-11ee-bd21-b7ad88ea6046/65972e42d424c.image.jpg?resize=300%2C300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a0da603910f83ff3a79fe1c24e7b733b15302231957c909920acdc274cfd18
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=11088
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="65972e42d424c.webp"
content-length
10552
cf-bgj
imgq:85,h2pri
last-modified
Thu, 04 Jan 2024 22:16:34 GMT
server
cloudflare
x-vcache
MISS
etag
"d5e57ad80f8f16bb1b01e2849f4c03ea"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
842af25a4d8cafc7-NRT
expires
Sat, 04 Jan 2025 01:10:50 GMT
sid
mug.criteo.com/ Frame F511
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=normantranscript.com&sn=ChromeSyncframe&so=0&topUrl=www.normantranscript.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=omeqLnxWQjA2ajl1SWdvOWtSN0QwdGN0U05URWpWZzQzNFBCVlRhejE2Wmphc3B0MVR5MDllbXA3NTYzWjY5Q3R3RkwzNzlFem52WmRVb1BSRmZyaHg4SUZPY0pJeEpURkY2ZGVMRC9ub1ptUFpySklodzlrWTlBcW5FTD...
473 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=omeqLnxWQjA2ajl1SWdvOWtSN0QwdGN0U05URWpWZzQzNFBCVlRhejE2Wmphc3B0MVR5MDllbXA3NTYzWjY5Q3R3RkwzNzlFem52WmRVb1BSRmZyaHg4SUZPY0pJeEpURkY2ZGVMRC9ub1ptUFpySklodzlrWTlBcW5FTDc3M0E5UzY4dlJBWEZwRTB6OWp4bTBxREFOY2tOWStENEMxdWhZcGM5d1JQYXJBYUd6V2RzNEhBUkhiLytnajJvR214Qm16eFE1SEFvbENjL2dKWm5tVHdRU1NmbTBSck1MYWRmRXJ0a2RVa2FGYmRxRnE1WTZ0S011cUFMN05yOVpzRythZ2E5U2FhczVxSUN6YW9HdTVZbHdmOEgra2Q2aUpyYkVWZHRqQ1pLVmYxa1Zkcz18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c40fd2fa739ebc3665d2bf6cc7ea4a38aace12341c8eaa17eb99aa0b02a999c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1340694
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=omeqLnxWQjA2ajl1SWdvOWtSN0QwdGN0U05URWpWZzQzNFBCVlRhejE2Wmphc3B0MVR5MDllbXA3NTYzWjY5Q3R3RkwzNzlFem52WmRVb1BSRmZyaHg4SUZPY0pJeEpURkY2ZGVMRC9ub1ptUFpySklodzlrWTlBcW5FTDc3M0E5UzY4dlJBWEZwRTB6OWp4bTBxREFOY2tOWStENEMxdWhZcGM5d1JQYXJBYUd6V2RzNEhBUkhiLytnajJvR214Qm16eFE1SEFvbENjL2dKWm5tVHdRU1NmbTBSck1MYWRmRXJ0a2RVa2FGYmRxRnE1WTZ0S011cUFMN05yOVpzRythZ2E5U2FhczVxSUN6YW9HdTVZbHdmOEgra2Q2aUpyYkVWZHRqQ1pLVmYxa1Zkcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
299363
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Jan 2024 07:25:30 GMT
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=708312F921DC425A8575B9AF760C19C9
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=84b0cf7915&gdpr=0&gdpr_consent=
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=84b0cf7915&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
38.133.127.63 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 07:25:31 GMT
Cache-Control
no-cache
X-TraceId
8422af91d4223ab67d791ea2337dc59f
Content-Length
0

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
via
1.1 304f6763e8e2c65d41e5e621780485fc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C4
x-cache
Miss from cloudfront
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=84b0cf7915&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
NssgwVYDUby3IUZDTvYX578rHeh_EiJ7LzutIiaFyVXPyZ0iNs2Row==
RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/708312F921DC425A8575B9AF760C19C9
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=708312F921DC425A8575B9AF760C19C9&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=708312F921DC425A8575B9AF760C19C9&dongle=yf3
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 07:25:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=708312F921DC425A8575B9AF760C19C9&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=708312F921DC425A8575B9AF760C19C9
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=708312F921DC425A8575B9AF760C19C9
Protocol
H2
Server
2600:1f18:612b:4216:bba5:fc0b:66fa:bb51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 09 Jan 2024 07:25:30 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=708312F921DC425A8575B9AF760C19C9
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=708312F921DC425A8575B9AF760C19C9
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=708312F921DC425A8575B9AF760C19C9
  • https://d.agkn.com/pixel/10751/?che=1704785130962&ip=146.70.201.212&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D232583304756003788549
  • https://um.simpli.fi/aa_px?sk=232583304756003788549
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Tue, 09 Jan 2024 07:25:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=708312F921DC425A8575B9AF760C19C9
43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=708312F921DC425A8575B9AF760C19C9
Protocol
H3
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
d_B_we6bHCQHaqnsSbKcWYKOBrYIp_-V8rAKQkMiZVi89brNECrBxA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 08 Jan 2024 07:25:30 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 08 Jan 2024 07:25:30 GMT
engine
pbid.pro-market.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=708312F921DC425A8575B9AF760C19C9;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=708312F921DC425A8575B9AF760C19C9;mimetype=img;sr
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-Y_CtFAFE2pSuDqhZ8FB9W60OXyZSSWsCjso-~A
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-Y_CtFAFE2pSuDqhZ8FB9W60OXyZSSWsCjso-~A
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp2
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

location
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-Y_CtFAFE2pSuDqhZ8FB9W60OXyZSSWsCjso-~A
date
Tue, 09 Jan 2024 07:25:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=708312F921DC425A8575B9AF760C19C9&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=708312F921DC425A8575B9AF760C19C9&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=708312F921DC425A8575B9AF760C19C9&j=0&xl8blockcheck=1
Protocol
H2
Server
50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-197-56.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:31 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 09 Jan 2024 07:25:31 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=708312F921DC425A8575B9AF760C19C9&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 08 Jan 2024 07:25:30 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=708312F921DC425A8575B9AF760C19C9
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=708312F921DC425A8575B9AF760C19C9
Protocol
HTTP/1.1
Server
52.23.7.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-7-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 09 Jan 2024 07:25:31 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=708312F921DC425A8575B9AF760C19C9
62 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=708312F921DC425A8575B9AF760C19C9
Protocol
H2
Server
59.151.139.239 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a59-151-139-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 09 Jan 2024 07:25:31 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
tpid=708312F921DC425A8575B9AF760C19C9
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=708312F921DC425A8575B9AF760C19C9
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=708312F921DC425A8575B9AF760C19C9
Protocol
H2
Server
52.77.13.91 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-13-91.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.5.203
content-length
49
expires
0

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=708312F921DC425A8575B9AF760C19C9
43 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=708312F921DC425A8575B9AF760C19C9
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
cm
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=708312F921DC425A8575B9AF760C19C9
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.google.co.jp/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704785130614&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=557711149&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=6...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=557711149&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI2J-Mwe...
  • https://www.google.co.jp/pagead/1p-conversion/1026675585/?random=557711149&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI2J-M...
42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/pagead/1p-conversion/1026675585/?random=557711149&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI2J-MwePPgwMVBzR7Bx1ZbgGD&is_vtc=1&ocp_id=6vScZdiCLofo7OsP2dyFmAg&cid=CAQSKQAvHhf_s7ipeCngXW6NQeWq4ceEROfcrSVC0td_bWEg-8N_NcY_Xmek&random=357910294&ipr=y
Protocol
H2
Server
2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.co.jp/pagead/1p-conversion/1026675585/?random=557711149&cv=7&fst=1704785130614&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI2J-MwePPgwMVBzR7Bx1ZbgGD&is_vtc=1&ocp_id=6vScZdiCLofo7OsP2dyFmAg&cid=CAQSKQAvHhf_s7ipeCngXW6NQeWq4ceEROfcrSVC0td_bWEg-8N_NcY_Xmek&random=357910294&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=708312F921DC425A8575B9AF760C19C9
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=66&code=708312F921DC425A8575B9AF760C19C9
Protocol
H2
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
an-x-request-uuid
bfd11917-462d-40b5-8b9c-ffa91eb76e36
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ib.adnxs.com/setuid?entity=66&code=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=708312F921DC425A8575B9AF760C19C9&expires=365
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=708312F921DC425A8575B9AF760C19C9&expires=365
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=708312F921DC425A8575B9AF760C19C9&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=708312F921DC425A8575B9AF760C19C9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=708312F921DC425A8575B9AF760C19C9
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=708312F921DC425A8575B9AF760C19C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 07:25:30 GMT
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEClLWvreXER97XrCtvknPOY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=708312F921DC425A8575B9AF760C19C9
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 08 Jan 2024 07:25:30 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 04DC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
108561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 01:16:09 GMT
expires
Tue, 07 Jan 2025 01:16:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BD28 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0fb599ebb57e40283301640cee83439f1d545bc5163828069a74eb79c4b05812
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wAsa23jHxbZE2mww1L5LIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wAsa23jHxbZE2mww1L5LIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 07:25:30 GMT
expires
Tue, 09 Jan 2024 07:25:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 04DC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 21:12:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
382388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 21:12:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BD28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=106974496560352&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 04DC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?xeEubg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
prebid
id5-sync.com/api/config/ Frame BFCA 		135 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.normantranscript.com
date
Tue, 09 Jan 2024 07:25:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame BFCA 		0
0
id
id.crwdcntrl.net/ Frame BFCA 		152 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.13.91 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-13-91.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
02bd59490dcd696911c1abcc4dfa6900d8048148093d1b6cb7c4a6106770839b

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache
x-server
10.42.21.154
access-control-allow-credentials
true
content-length
152
expires
0
rid
match.adsrvr.org/track/ Frame BFCA 		108 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
932b66d634bffbb441145822206c1fd972e397848e0e7745282adfcb9e3b04ed

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 07:25:31 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.normantranscript.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 08 Feb 2024 07:25:31 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 413B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
215
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
842af25d1c0df64d-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 07:25:31 GMT
expires
Tue, 09 Jan 2024 11:25:31 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame ACCE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63cad1384d0e8493911dc1aeb73f46f0cf59c9ebf1cbecf7c685e8a4ae74e11f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842af25d2f5daf7f-NRT
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 07:25:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHUbAr2o59uhAhvfpUgkXqRxk1ZtXrVi1icLeSAhQs9r7%2FrCxRJNEoXYZeeVqXaTtJaVK667Lmak1C%2FtMXfObuu30CUJWUIttdMD1qSX0sliJavV%2B1oVhccZHB09CReYesTajRTBV0RZdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame ACCE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4211865590473351281&expiration=1705994731
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4211865590473351281&expiration=1705994731
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZCkejJqNTZV%2B8QQoHCDJU%2BUqHR6O7PdLm9DVeiYiaFZLvjNum%2FGRDpDon6AfwOUPrdR4aymvTyhtG9jLWysZU8WN4G%2BC5%2FT%2Fewr1iyRMQCOQScUrWaMgGLa8g3iZl24s6Q2hEBE5pbSkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af25dafd6af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4211865590473351281&expiration=1705994731
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum.casalemedia.com/ Frame ACCE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
43 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MTRqK8HOMmnnYfMoN7er2zyu2mo2uykvEhicXpCo%2B73ey83Ai4DDoAOgEQHshjhPFg%2BSzx5v39eTSFKMt8haj6jVePW0%2BqEmdVoyikjwgC0D85bzVBkFE%2Bs00s5D9o2h2WwLvk5"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af25d5a71affd-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 09 Jan 2024 07:25:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame ACCE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087374294648
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087374294648
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHRVJIsr9MyFKAjT0TfHJANBQWE1OWkNMwD%2BvVVAwv2BEJBIacRIj7WJTNVEfviVwVFJiA%2FxRVN92sJPYlgnqAQuYzYwyf03%2FHmm6pVJax7m%2BlF1s4qg%2BYElizMagt1%2FgWz2TE8kccxdpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af25f0933af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
316
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087374294648
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
842af25e3dd620b9-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ACCE
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a18b0d87151d498cb87203148ed25e13&expiration=1707377131
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a18b0d87151d498cb87203148ed25e13&expiration=1707377131
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLZhJFXATcMaeHOtSwLMEy1mZ%2F3mLKR9b5ksbiYrOAOu0qCvwhP5pB2WMfsKXk8CutROYTSZiqDXzDC7q6%2BK%2Bwsy2gTvSqHSNsw2HehjY4fJHQ%2BT6TJUDZ8l3DUEv7t%2FjVbOmp5Oyn85jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af25dafcbaf7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:30 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a18b0d87151d498cb87203148ed25e13&expiration=1707377131
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame ACCE 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a01:4f7c:de84:79b9:a7e6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
user-registering
ads.stickyadstv.com/ Frame ACCE
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9466225e5032ef3f2f4677a8bdd97e28&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umwa933_7322570416264016235&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTQ2NjIyNWU1MDMyZWYzZjJmNDY3N2E4YmRkOTdlMjg=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESECJ4U2lk5pGLY_7kEay6o6Q&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAJgvU7LOeoAABPGHEehAA&dataProviderId=817&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/9466225e5032ef3f2f4677a8bdd97e28?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-0G6eiOdE2oOemnEwu_U6PMKF5qTEDXg0EZ4HFP1g~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=5e1cdb2f-412b-4a5e-93a4-04564d7f3206&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2338458340105893363&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=J6e8nzE01Rn6uk5&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7042349&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=c1eb2d68-80e3-499c-9826-555c8a5797c5
  • https://jelly.mdhv.io/v4/pixie?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=6d87d065-a04b-4ee5-9e90-f21af17e933a
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1595%26userId%3D%24%7BUID%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1595&userId=1f1976c2-7d12-05e5-2680-fc5663812d79
0
0
crum
dsum-sec.casalemedia.com/ Frame ACCE
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7J5PsPQKVMTupQPJ0mkj5LpkaW3Ob7cLqWB6a3TBKMa8QOve9RZ3qcurs6Tv42JjlbpC4CQ8BlRBX5zmpsX7uhw%2FZgi9rF3qhbaM%2BZ51qE%2BjP%2FMZt2dyQo39ij%2FNB1MSr6UJXG23KT8AA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842af2620c54af7f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Tue, 09 Jan 2024 07:25:31 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
tp_out
d.adroll.com/cm/index/ Frame ACCE 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:22e:4f04:5db4:f8ff:1a3b:fd55 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:31 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame ACCE 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZz06Og13FvJmt7L2nqK1gAA%265445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.normantranscript.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
42088
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
842af25d5c3ff64d-NRT
content-length
43
expires
Wed, 10 Jan 2024 07:25:31 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C2FC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43871588&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9dfc3c4b38948355349caffa5614d20f172460f057597cdd9c1c2435d68b2581

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 09 Jan 2024 07:25:31 GMT
content-length
1057
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame AE9B
Redirect Chain
  • https://ds.uncn.jp/pm/0/sync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:20:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
170
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jan 2024 07:25:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
Server
Apache
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 7AFE 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 07:25:31 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3896
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2338458340105893363&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2338458340105893363&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d4477034-21d2-4036-9496-df38d7025a59
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:31 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2338458340105893363&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 5767 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3008DB03-8A32-4240-AC05-4F59925776EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 07:25:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8SAAC9DVPR78HK4GW6TT
Pug
simage2.pubmatic.com/AdServer/ Frame C2FC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4211865590473351281
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4211865590473351281
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:18:02 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4211865590473351281
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
3008DB03-8A32-4240-AC05-4F59925776EB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C2FC 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3008DB03-8A32-4240-AC05-4F59925776EB?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a01:4f7c:de84:79b9:a7e6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame C2FC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3008DB03-8A32-4240-AC05-4F59925776EB&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vz2eW1xE2uWRyrGO2nFQ6TBHSsS8Q9o-~A&gdpr=0
0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vz2eW1xE2uWRyrGO2nFQ6TBHSsS8Q9o-~A&gdpr=0
Protocol
H2
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vz2eW1xE2uWRyrGO2nFQ6TBHSsS8Q9o-~A&gdpr=0
date
Tue, 09 Jan 2024 07:25:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=106974496560352&bg=!ExClEF_NAAaumcC-jpk7ADQBe5WfOIqlwa154JkKuKSRHSPGpQsmRYdHWX2aIEIC7IS4ujgzPDMClaby44qc71rZjMzNAgAAAFJSAAAAA2gBB5kCq9lBGYk3ZVeX6fyBNf7G4w9i6J6Smyl_Dvtc_KeQ3c3xyL5oJ53N2kl6NEWMlOfT3isS8Idoq2Z12Md4YVgEnJi-z0ZKX4j0PurzA6_EgTU-h3Pkij29MJrQKIzJFXG79Ri9An7gPyBYtVqK0l_pKuKE6lGykfLke9lXH2UKws2BCD8728EaDGZ4IJ3f5AIqbIPrrFa6cATPTmO-Ns8tCP8Hho7lMGMqO39A2XsZnRwrWT1qQhMq9xDu4DfafPQepiS7xiVi2kR8zVxgz2-YRqmMW-ecisxYI_UHvxWR68VlUOFACSH_W6zNxIJ9K3U05YaDEz6L9VgtK8FXRuZlTLgw90CTc1kQINlmLQ04XDzRmZ3uuqN7AakuO-lXrarJDSEW02M7pWSQx6a36v0ukI2o9f3ZYaHgttyaSGvm7qmNwLZY2SpgcArFKOTjBBGaUhakjpWE7Jo0H-EXhMgq7_gap_hNCXHjwREiCLYwfJfjAqc2Yfpr32L2V1pguVE_4PErn93rD0r8qNGEiPOxDrpPKX5wTXanEiV6Qaer6smnZsXswHeUZR3EKihZKOd4Sd4R66o5UBJbVaK_sfzWcGYVnyj08OWufDk7GmIwbU-RCWt_7fUmMjAIQ8JNXtoONVh4HlFqsIkGPWNI4pVi6mao3tKgDHwJ9sfsj-H2nqugBkS0fA1EsjLW2NgL-Y-eJPZDpQNUILlVXob0ToBolvEdrOfS0qZiFysNpvPnfyYTfMh_xIkBWd8dTJ4VK8PojWt8fXqpDTUoQ_NUEDc0fRIj49nAPL_O4y_KEKGgtK6H7sM5vPC-Cpm9oltkPxZINeIbuxJlDmCqfMNFh7O-I4jWuQ7cFMXcUyxEesTw71vhIWo1f5pu1mzAxPFTCr2ZGKJis8A1RGxiISlY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame BC61 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39817273&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
051d33dca38fbe67237e45b941bab44c6f0c7319aa17395941986119dccbfb91

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 07:25:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 3C75
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7J2Xa7ycyz73kM1uucmDMLjLmTH3kZg6vJFymkZN
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7J2Xa7ycyz73kM1uucmDMLjLmTH3kZg6vJFymkZN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 02:49:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 09 Jan 2024 07:25:31 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7J2Xa7ycyz73kM1uucmDMLjLmTH3kZg6vJFymkZN
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame DA77
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:20:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 07:25:30 GMT
expires
Tue, 09 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
950891
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame EA5C 		0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame BF22 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 09 Jan 2024 07:25:31 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-nrt-rjtf7700078-NRT
x-timer
S1704785132.715711,VS0,VE157
Pug
image2.pubmatic.com/AdServer/ Frame A085
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=q3TkUSa7A3uAutpb6_ScZQ
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=q3TkUSa7A3uAutpb6_ScZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:18:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:31 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=q3TkUSa7A3uAutpb6_ScZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 751B
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a18b0d87151d498cb87203148ed25e13
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a18b0d87151d498cb87203148ed25e13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 02:49:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Tue, 09 Jan 2024 07:25:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a18b0d87151d498cb87203148ed25e13
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame 3435 		43 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 09 Jan 2024 07:25:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pxd
dps.jp.cinarra.com/ Frame 1A9B 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3008DB03-8A32-4240-AC05-4F59925776EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.76.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-76-12.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
0
date
Tue, 09 Jan 2024 07:25:31 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 228F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=myx19p-sU3h8tHODeScjhZJGydQ&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=myx19p-sU3h8tHODeScjhZJGydQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 02:49:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jan 2024 07:25:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=myx19p-sU3h8tHODeScjhZJGydQ&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 5180
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:20:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 09 Jan 2024 07:25:32 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 9F5E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUcbf92ee49bb34665be9bcade7e2fbc4f
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUcbf92ee49bb34665be9bcade7e2fbc4f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 02:49:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUcbf92ee49bb34665be9bcade7e2fbc4f
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 641B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:J6e8nzE01Rn6uk5&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:J6e8nzE01Rn6uk5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:18:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 07:25:31 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:J6e8nzE01Rn6uk5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-02709237e5f898394@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4C65
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0ae659c-f4ec-4100-9fca-8c01a6a50409&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0ae659c-f4ec-4100-9fca-8c01a6a50409&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:18:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 09 Jan 2024 07:25:32 GMT
Expires
Tue, 09 Jan 2024 07:25:31 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x5 config_version:"1604"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0ae659c-f4ec-4100-9fca-8c01a6a50409&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 9B59
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:708312F921DC425A8575B9AF760C19C9&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:708312F921DC425A8575B9AF760C19C9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:18:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 09 Jan 2024 07:25:31 GMT
expires
Mon, 08 Jan 2024 07:25:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:708312F921DC425A8575B9AF760C19C9&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame EA9B
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700051816047321
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700051816047321
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 01:20:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 09 Jan 2024 07:25:32 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700051816047321
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A365
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=3008DB03-8A32-4240-AC05-4F59925776EB
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
43 B
866 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 09 Jan 2024 07:25:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-id
Lx_h6JnmQX8lGkyU57jZvfLezF1k7P4tfJ-AjY7zFl7jOomk2b_ufw==
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:31 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
x-amz-cf-id
4dIixNFh-iA24jpQBDrwlxeF_9xSJIASvwDrrY6VmOEJm5m94NbVNg==
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
Pug
simage2.pubmatic.com/AdServer/ Frame BC61
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7001959693255496791&gdpr=0&gdpr_consent=&us_privacy=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7001959693255496791&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:31 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7001959693255496791&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame BC61
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7bc6ea148415218f&is_secure=true&networkId=17100&version=1&nuid=3008DB03-8A32-4240-AC05-4F59925776EB&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALAa732r1H1QNAqhX4AAAAAAA&expiration=1704871532&nuid=3008DB03-8A32-4240-AC05-4F59925776EB&...
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALAa732r1H1QNAqhX4AAAAAAA&expiration=1704871532&nuid=3008DB03-8A32-4240-AC05-4F59925776EB&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:32 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALAa732r1H1QNAqhX4AAAAAAA&expiration=1704871532&nuid=3008DB03-8A32-4240-AC05-4F59925776EB&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
v1
lb.eu-1-id5-sync.com/lb/ Frame BFCA 		33 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
8bd4a3f832145c2aef3424b32aeadbfc62cc27a5dcb4b13eacd07c486967e120
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.normantranscript.com
date
Tue, 09 Jan 2024 07:25:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
trinity.json
apex.go.sonobi.com/ 		114 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2222849b92151a38%22%3A%22121808278466059cd0bb%7C300x250%7Cgpid%3D%2F281191609%2C9869277%2Ftrx_cnhi%2Fnormantranscript.com%2Cc%3Dd%2C%22%2C%223aa8ef012cde4b%22%3A%22121808278466059cd0bb%7C300x250%7Cgpid%3D%2F281191609%2C9869277%2Ftrx_cnhi%2Fnormantranscript.com%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.normantranscript.com%2F&s=2bafa04a-9571-4553-a0db-52af59c2c7f0&pv=c847ac68-32cf-46d8-bca3-eadf257cd9e0&vp=desktop&lib_name=prebid&lib_v=7.13.0-pre&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.normantranscript.com%2F%22%2C%22domain%22%3A%22normantranscript.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22normantranscript.com%22%7D%2C%22keywords%22%3A%22normantranscript%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=1&gdpr=false&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200021%22%2C%22hp%22%3A1%7D%5D%7D&us_privacy=1---&coppa=0
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Hemet, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
9b6c87eccea0ce737b8767f0ec185129131006c4da525972eaa019c88bde01fd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:32 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-16
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type
application/json
Access-Control-Allow-Origin
https://www.normantranscript.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
139
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
435567106976a4f594a31305a31c62156a9abcb62d4264af857e225ab1fd6b06

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 09 Jan 2024 07:25:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.normantranscript.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
arj
justapinch-com-d.openx.net/w/1.0/ 		191 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.normantranscript.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-540&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4c8f5c0d-8bb4-4b7d-a391-3844786543db%2C217f4a8f-00fb-4ce2-9d34-1025bf9297c4&nocache=1704785132327&gdpr_consent=&gdpr=0&us_privacy=1---&schain=1.0%2C1!americanhometownmedia.com%2C00021%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_3%2Cahm_widg_id_7&aucs=%2C&auid=544092638%2C544092638
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8a2dfc3ba8de668db2c98b5234c7594d3b13f15563a829db229dd7f96695ebd3

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.normantranscript.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
expires
Mon, 26 Jul 1997 05:00:00 GMT
212.json
id5-sync.com/g/v2/ Frame BFCA 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
6f6e2ed1be3944f0d42c2efbc3246f3fcc83127f22ca33d6df37c701ba602e5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.normantranscript.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.normantranscript.com
date
Tue, 09 Jan 2024 07:25:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame C2FC 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 01:26:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame BC61 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=106974496560352&correlator=3544586318848708&eid=31077976%2C31080297&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=281191609%3A9869277%2Ctrx_cnhi%2Cnormantranscript.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&ifi=14&sfv=1-0-40&fsbs=1%2C1&eri=1&sc=1&cookie=ID%3Dde2a601dec178db4%3AT%3D1704785127%3ART%3D1704785127%3AS%3DALNI_Mb1maAeSfDS8tLdWSYHpIqa8K1Wlw&gpic=UID%3D00000cd447ba646c%3AT%3D1704785127%3ART%3D1704785127%3AS%3DALNI_MbaEh6fV9tkmUWpCHLW99Zb0PzusQ&abxe=1&dt=1704785133836&lmt=1704759735&adxs=1180%2C840&adys=1141%2C2755&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C10&ucis=e%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.normantranscript.com%2F&vis=1&psz=300x250%7C300x250&msz=300x-1%7C300x-1&fws=4%2C4&ohw=1600%2C1600&ga_vid=2123531324.1704785126&ga_sid=1704785127&ga_hid=719282103&ga_fc=true&ga_cid=200918507.1704785127&dlt=1704785125375&idt=759&prev_scp=slotName%3Dldgr1%26pubDom%3Dnormantranscript.com%26atab%3Dtrue%26frstlk%3Dtrue%7CslotName%3Dldgr4%26pubDom%3Dnormantranscript.com%26atab%3Dtrue%26frstlk%3Dtrue&cust_params=section%3Dhomepage&adks=2242529879%2C2242529875&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bf329f48bbe7ae2d9925d4a0d9f17a9e68f8df94a72b284c6a59a7e98a50fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15148
x-xss-protection
0
google-lineitem-id
6256584425,6256584425
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138438042764,138438030638
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.normantranscript.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DEF0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutCUzKIHLb-jwQgR_06PqpK4NdWyHAAeDgevvvkRuAvDDNn47KjkXWAsP58dshbLGUXi0M7RXn6QQL27BZwfYDVt0L83FQyDzn3dgSOsz8JpmUNHF0izN9EC2QYg-N4pb30eIMJISvT-4jeYFJP70z88h0aLeb51gumIr2UTKkrS463oAkZM1A2x_vDeoRr4iPa1wMcMvVKcckHvAHcVcWWmlDX3oJCqHCP0gUbhjRBLNfI-Msl3o3Tgzz2Wtz0x0rTxL9g-mXmlvEqBd48ZHahmO4rirweMi95sZIsNkoptmKchpiMnmexiayDGSkRp5hvaGTY3m8OU1wj3huZSf_WVhm2PtiVXGe9zr7bhfoW_hr1TtJ3VdXnRXRuWePzwG7BISljUdedXZeziF4bW-Gneg&sai=AMfl-YT_Iaj_3wPb-5q2rs0iB5K6MRkuI40fUBbWP_771YTdBfjdgiHxgjkgCPvx9E4TtepLWZh_a-2CpMstyCNzgIshpjUSDxxxUXu5k0EKPQGQpE3gCJwr9l33mdwRZ24&sig=Cg0ArKJSzCdZLp_vzz6HEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DEF0 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:25:34 GMT
6983302731070568873
tpc.googlesyndication.com/simgad/ Frame DEF0 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6983302731070568873?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1ffff02bf49daaaccce97d786db71c3baccef6a577565ba66023b27d9ee21e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:35:39 GMT
date
Thu, 04 Jan 2024 05:35:39 GMT
x-content-type-options
nosniff
age
438595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167476
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 18:22:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
view
securepubads.g.doubleclick.net/pcs/ Frame 3BEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-kBol9CAiHVeU2qIHIUkCJjnSHV0vl4P-x6R_QjKDzpLxil90zPlD8dJx3CQ9mmOYXE0aREWztizqeQ5VHhsp5WZAlkPTEeSf1J7RyV91ahgI8_4s8yCgrnkHGR-jXyGrr6y_xVhayVgV-u-zIBFC1wQ4PD_-olCgeN-9-Nj_SA9LIk0_OamGI--TseyfvFbS6XXa1ghSYzACgxd_eDLXjHJfjHOjsNa0Yzi6nyQBcKftx_m9Tg7BlzXQ7RGfXMO2XZAEpKGcls1AlthWA4AvkfVTFBPAOdhV6Bfx7NcGoXCQ7M-NvO2vzLKeMSNg9bEWQwzqLYHzhHxQj93wX8DSOAoJVgvn2vWI78AV9nI7Qv2DWkOMgfgj3G3KmAOQ5fZfn1hygnv2j9jTCjE_80bJ8Gk&sai=AMfl-YRhgpVQBmJ2BhXpn4ovTwa35edaFIP7VH-KcIi3Ecp2Qr1odFYzRqM3JYimvw2Mstq0FqAWM4pGEtjgdh358Ub_t0zdyWWxuBcvbKz44KtkWbxQizlInzqYBsnD6e8&sig=Cg0ArKJSzKcWQvBNR3e3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.normantranscript.com
URL: https://www.normantranscript.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3BEA 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:25:34 GMT
10444217275371305457
tpc.googlesyndication.com/simgad/ Frame 3BEA 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10444217275371305457?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
293d735950af4599777142a0777e70b27268f2f19206d22ebf0c0ec19c0da2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 05 Jan 2025 23:22:31 GMT
date
Sat, 06 Jan 2024 23:22:31 GMT
x-content-type-options
nosniff
age
201783
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167971
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 18:26:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
view
securepubads.g.doubleclick.net/pcs/ Frame DEF0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyQQ7BqKx9Z11COEqFZKRqEET5ZOfHKaQ1LFY8OTimg9Vz5GiplJr_GhsvuLxbHZ1JRJk4_yThEx1DsbxFabyiyE8_jt5VZaz8wEqNR28-gdhwscNr3MirrZDi_PRG_PSCJPIRsJmEqNwJmNwaS13ghrY0PEOcpH13-UTBhbDRBLNM9KMDVhc_81rCYbae3ISGtonwq2lQ4lr0dLaDC8aS7dXyuFeCQIchNdsX5hAwim3ZH6at2IXaF-kRt6LEDtLaT33bPBUkQlB6HHrr6tcPpVckL-4badLE8TeSnYdobwcM7t-Q8xa7PgHLlmewDi1sQScE27nALbxlCiZ_tLq9Uf2eqiDnEx06ETwLzk_DPvR4AuwqM7t-Mfo7Bg17u9po2xXy1ywUntjToRqoqs4wjmCHpA&sai=AMfl-YSLtYhJmG9Gmsr3v8BlE8zjtMBlpGfra6InUHYt3VhswmYek77by5Rtki83Nu8cyv0mw3G4RS7aaoq1CNZs7doOgwd_F3wHDCXYEZnDpEm678Va2VZjxZ6ped0VvyQ&sig=Cg0ArKJSzMSCESLUGOd0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:34 GMT
truncated
/ Frame DEF0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a26ff3bd97e4dac43cf30c9008bd99f10f05632e8d6ceb8fb07e10bed4c393f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3BEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvHZ2JuaseYGIwD6V02I5z333O8tQGY33BxbppgFscHluQ6aC3zZY3Mq5HS3xs_KNaLZtfSW0ScAjHrdMzZJBTHUK9hqRP3HVs67lT-9ickrYqnG_84tLZMzPO6nW0df5vqgx_Q6uk-0i65rpL2ohTECcti_ZoQDC-FlPTVZm1trRs2H_G6j0iihLQdP0JvdCABM37ffZNVBEgTmQyWDhsIWZL6LdtWdBraQdr0xZjBwkRhTYdy0UjxFDAf41--MD-uf9gRI2gWkWLYM3Am6M3t2HhNqrES_Yjm1X4VdtK8PZnOMZ0GkPPQW0UDEkoU1lAmEgUSHpxYlhlJFCqaXpsk-jCr7biXNGpFnn0baJF5RA7flwp25mNR7xKrjrkqlb-n4-7AtrXgYxT5FDlqTfvFGFugw&sai=AMfl-YSoSPVwtu8waoXL3Y_ylWZsX6HagFxCtEklEQlr05dvXuhejJvNJmFNgdvmPb6h-QKp_8vWHsOUG4ctOARDnfMXgs1IryMexrnI30MWOMnbCK4uHaNzaFk_2CZ5ltk&sig=Cg0ArKJSzERCTG96R5YaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 Jan 2024 07:25:34 GMT
truncated
/ Frame 3BEA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0b58950b4664f2764f38730f68ac0a69c8f1ac0d7626d773fc49c2a4db4870f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame BC61 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30971654&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 09 Jan 2024 07:25:34 GMT
content-length
47
content-type
text/html; charset=UTF-8
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCCC
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=3008DB03-8A32-4240-AC05-4F59925776EB
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
43 B
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 09 Jan 2024 07:25:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 18684d08f1c8a3056a0c5115ae29d06c.cloudfront.net (CloudFront)
x-amz-cf-id
OXS7ThcMR890hpt6zwzJ4blaLBGZN4h_h7lS4pfLo0Kc-v8_rBdnXA==
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:25:34 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=3008DB03-8A32-4240-AC05-4F59925776EB
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
x-amz-cf-id
D-gf5LbkNJRXi2MivfKunzHvFBzmDTr7IHjSw0vD9pZ7ZXnVzWwKcQ==
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585c3321882c930200009.mp4/ 		542 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585c3321882c930200009.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.129.130.39 Dallas, United States, ASN396949 (CLOUDWEBMANAGE-TX, US),
Reverse DNS
Software
Tengine /
Resource Hash
3dd29e17adf55d1801e9906d0ebdc070537add09e1665d70c21253a30ba84b2b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 11 Jan 2024 07:25:36 GMT
date
Tue, 09 Jan 2024 07:25:36 GMT
via
1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront), 1.1 5e55748dd68617062131a4065ae38fd4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, DFW57-P4
age
16433
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
542
last-modified
Sat, 23 Dec 2023 01:40:44 GMT
server
Tengine
etag
"509d16e21d103df38ff4c7ecbbaa755c"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=172800
x-amz-cf-id
fVwmZ3gkz3TC8trr6JcYiVbb3yngiiXsKjjlw8d_GWAkvcfzM-1czA==
x-proxy-cache
EXPIRED
beacon
ce.lijit.com/ Frame 02D4
Redirect Chain
  • https://ap.lijit.com/beacon?us_privacy=1---&informer=11277942
  • https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
aae40a4a56cf4bb4856494fd943282769c806a0a824a1dcf15460adc151fab7f

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
753
Content-Type
text/html
Date
Tue, 09 Jan 2024 07:25:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap4sfo1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
pd
jp-u.openx.net/w/1.0/ Frame E649 		1007 B
596 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
69112c889b2081fba7085c5b1725533f5c111ef3750b043eeceaddac16f1de6f

Request headers

Referer
https://www.normantranscript.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
577
content-type
text/html
date
Tue, 09 Jan 2024 07:25:35 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
sync.targeting.unrulymedia.com/csync/ Frame E649
Redirect Chain
  • https://sync.1rx.io/usersync/openx/b5f1e96f-bf38-0467-1de1-65ab4462a388
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:36 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:35 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame E649
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=2338458340105893363
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=2338458340105893363
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:35 GMT
an-x-request-uuid
6afda35f-1846-41d0-aa5f-9851afb8da0a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=2338458340105893363
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openxjp
e-jp.cmcd1.com/usersync/ Frame E649 		82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-jp.cmcd1.com/usersync/openxjp?id=38442fb6-a5bd-09b8-1328-afe9d97ea420
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.64.108 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame E649
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=XJHkrQyQuPhHnL6oCcXw9gjH6vdHnev8DJ2bobGd
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=XJHkrQyQuPhHnL6oCcXw9gjH6vdHnev8DJ2bobGd
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=XJHkrQyQuPhHnL6oCcXw9gjH6vdHnev8DJ2bobGd
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
c.html
j.mrpdata.net/ Frame E649 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E649 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.241 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:35 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sd
us-u.openx.net/w/1.0/ Frame E649
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=f62e7a40-53d5-4ab6-823f-6f90c02fe1d0&expires=1&user_group=2&ssp=openx&bsw_param=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&gdpr_pd=
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 09 Jan 2024 07:25:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
apsoutheast-match.deepintent.com/usersync/108/ Frame E649 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apsoutheast-match.deepintent.com/usersync/108/
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:36 GMT
content-length
0
server
b
sd
us-u.openx.net/w/1.0/ Frame E649
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=1fd58f56d262241&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMGUgzgp9NqQMCKJYuAAAAAAA&expiration=1704871535&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMGUgzgp9NqQMCKJYuAAAAAAA&expiration=1704871535&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:35 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMGUgzgp9NqQMCKJYuAAAAAAA&expiration=1704871535&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame E649 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=08037a84-1ce7-0c45-1e2b-fd4975791b9d
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.143.106.89 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 02D4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=4799ebae-c07a-47eb-9a10-229473514984
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=4799ebae-c07a-47eb-9a10-229473514984
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d0ed4363-df13-4f7a-8249-2029c42d9b27&user_group=1&ssp=fmx&bsw_param=4799ebae-c07a-47eb-9a10-229473514984
  • https://ce.lijit.com/merge?pid=26&3pid=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=4799ebae-c07a-47eb-9a10-229473514984&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 09 Jan 2024 07:25:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 02D4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=tPn2jnRyxI0t&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=tPn2jnRyxI0t&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
jp-JP
location
https://ce.lijit.com/merge?pid=49&3pid=tPn2jnRyxI0t&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-77d9dc7bdc-pmdsb
expires
-1
krshme82.gif
us.ck-ie.com/ Frame 02D4
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://us.ck-ie.com/krshme82.gif?gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&coppa=[COPPA]&puid=8622de44-cb91-5797-bbc9-e0f20522a473
0
0
merge
ce.lijit.com/ Frame 02D4
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=keoX7sHrS7uK503rxL4DtcW8GbSK5hi_weaGB45x
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=keoX7sHrS7uK503rxL4DtcW8GbSK5hi_weaGB45x
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=keoX7sHrS7uK503rxL4DtcW8GbSK5hi_weaGB45x
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 02D4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=_wXDy6gr-NxQ8pAod8v40PAQL9C5r9aMWlwcEhkKN_o&pi=sovrn&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=_wXDy6gr-NxQ8pAod8v40PAQL9C5r9aMWlwcEhkKN_o&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=_wXDy6gr-NxQ8pAod8v40PAQL9C5r9aMWlwcEhkKN_o&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT, Tue, 09 Jan 2024 07:25:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 02D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=2338458340105893363&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=2338458340105893363&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
an-x-request-uuid
64d4c564-f855-4bad-8f64-104df292de89
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=2338458340105893363&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.212; 146.70.201.212; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 02D4 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.241 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:35 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
dot.gif
s0.2mdn.net/ Frame 02D4
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SDloZEJMWkhZUzNoQVNmU1RYT25hX1df&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Protocol
H2
Server
2404:6800:4004:808::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 19:49:36 GMT
x-content-type-options
nosniff
age
41760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Jan 2024 19:49:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B993 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=54967
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 09 Jan 2024 07:25:35 GMT
expires
Tue, 09 Jan 2024 22:41:42 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 7F0F 		788 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?us_privacy=1---&informer=11277942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
230f15fc8e52bc3a5a9a3fc205d59ad23d4bf9db84645a56f40934ffc559bf8f

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
437
content-type
text/html
date
Tue, 09 Jan 2024 07:25:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
merge
ce.lijit.com/ Frame 0769 		43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=3008DB03-8A32-4240-AC05-4F59925776EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 07:25:36 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4sfo1
merge
ce.lijit.com/ Frame 7F0F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=4a2927cd-2e39-0c01-0ab0-8ae59a6bd0a6&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
u.openx.net/w/1.0/ Frame 7F0F
Redirect Chain
  • https://cm-exchange.toast.com/bi/pixel?cm_mid=1285568805&toast_push
  • https://u.openx.net/w/1.0/sd?id=557557631&val=RIKFCUMH4PTWAD3174TN3USKA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=557557631&val=RIKFCUMH4PTWAD3174TN3USKA
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://u.openx.net/w/1.0/sd?id=557557631&val=RIKFCUMH4PTWAD3174TN3USKA
Date
Tue, 09 Jan 2024 07:25:36 GMT
Cache-Control
no-cache
Server
nginx
Connection
close
Content-Length
0
P3P
CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"
getuid
sync.smartadserver.com/ Frame 7F0F
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://u.openx.net/w/1.0/sd?id=537106470&val=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://u.openx.net/w/1.0/sd?id=537106470&val=[sas_uid]&cklb=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.57 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:25:35 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://u.openx.net/w/1.0/sd?id=537106470&val=[sas_uid]&cklb=1
pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 7F0F 		0
0
merge
ce.lijit.com/ Frame 7F0F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=4a2927cd-2e39-0c01-0ab0-8ae59a6bd0a6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 07:25:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
jp-u.openx.net/w/1.0/ Frame 7F0F
Redirect Chain
  • https://ds.uncn.jp/ox/0/sync
  • https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
Date
Tue, 09 Jan 2024 07:25:36 GMT
Server
Apache
Connection
keep-alive
Content-Length
114
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 7F0F
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=62124e3e-ce99-3472-bdff3a01
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=62124e3e-ce99-3472-bdff3a01
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 07:25:36 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=62124e3e-ce99-3472-bdff3a01
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
merge
ce.lijit.com/ Frame ACA1 		43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=3008DB03-8A32-4240-AC05-4F59925776EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 07:25:36 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4sfo1
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585c3321882c930200009.mp4/ 		223 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585c3321882c930200009.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.129.130.39 Dallas, United States, ASN396949 (CLOUDWEBMANAGE-TX, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 11 Jan 2024 07:25:36 GMT
date
Tue, 09 Jan 2024 07:25:36 GMT
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront), 1.1 4733a27005886c7a56300605d93ad9a0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, DFW57-P4
age
144434
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
485228
last-modified
Sat, 23 Dec 2023 01:40:45 GMT
server
Tengine
etag
"bac9bbaf54740daaf4358fd08695a53f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=172800
accept-ranges
bytes
x-amz-cf-id
yqbUrAex990IKT-iH7upDhxSysazqpgF7IOjMhbOLzRbYjg39Tbttw==
x-proxy-cache
MISS
826fc0d7-a060-428c-b8d3-7c658980e8e3
https://www.normantranscript.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.normantranscript.com/826fc0d7-a060-428c-b8d3-7c658980e8e3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
liveView.php
live.primis.tech/live/ 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTpjNDp4NTElNlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5ho3JgYW50pzFhp2NlnXB0LzNioSZmqWJJZD13q3phoz9loWFhqHJuoaNwpzyjqC5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0E0MCUmQTFyJTNBJTNBMzUzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY1OWNzNGU3MzM2M2YzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtjMSZaZHBlPTAzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0kJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNmA0Nmt1MTM2NTQ0JaVcZD1TZWgcozRiU1BfYXyypwY1OWNzNGU3OWVwMwQzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3Lz5ipz1uoaRlYW5mY3JcpHQhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpSZjrGyxPWU2ODNyYmxmZTUmZDM4MTMlMwE5MzFyZzU1Zwt2YzQ4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:221e:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.normantranscript.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:25:36 GMT
content-encoding
gzip
via
1.1 c8ced8ee22fad477549815ea371867b2.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
KIX50-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
nPIbT9GZUMEyCgsJEkg92xEjUWp15zLlNmPALA3HXqw7XSFE7LpPQA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1595&userId=1f1976c2-7d12-05e5-2680-fc5663812d79
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
j.mrpdata.net
URL
https://j.mrpdata.net/c.html?ex=OpenX
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/krshme82.gif?gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&coppa=[COPPA]&puid=8622de44-cb91-5797-bbc9-e0f20522a473
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=3&t=pixel

Verdicts & Comments Add Verdict or Comment

446 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| documentPictureInPicture object| dataLayer function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset function| pageLoaded number| TNCMS_DotConnect_Tile object| TNCMS_Used_Ad boolean| TNCMS_PAGE_LOADED object| oReq object| aTemp string| sTemp string| regionType object| promo_design_config object| flippxp function| admiral object| googletag function| __uspapi object| AdBridg function| TNStats_Tracker object| TNTracker string| adType object| pbjs string| exp_string number| window_x object| apstag string| href object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| FB object| sifi_att_42656 undefined| google_measure_js_timing object| _aps boolean| apstagLOADED object| __buffer object| _qevents object| _sf_async_config function| ta_popupCallback object| gaplugins function| 4dm1r11545242527 object| pSUPERFLY_mab object| _cbq object| pSUPERFLY string| aReferrer string| aNewReferrer object| analytics object| gaGlobal object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext function| handleMessageFromNative object| gaData object| cswidgetoverR function| postscribe object| google_tag_manager_external object| _snup function| ahmsll_release boolean| ahmsll number| ahmsllfail string| sUserId object| apscustom object| premium_text_ads function| quantserve function| __qc object| ezt object| _qoptions function| shuffle string| adExists string| backgroundColor string| primaryColor string| secondaryColor string| tertiaryColor string| moreText number| numberToDisplay string| headerText string| headerGraphicUrl boolean| boldFirstLine boolean| showWrapper string| accordionHTML object| accordionAds function| hideFbBlock function| hideFbBlockMob function| loginButtonLink function| subscribeButtonLink function| gamesButtonLink object| vfQ object| gptAdSlots function| stick_in_parent function| tntDmpReactiveLotame function| tntDmpReactiveSegment object| shown_timestamp object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| Criteo object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| tntSliderReady object| _cb_shared object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| ahm_tvx_placeId string| ahm_tcx_siteId string| ahm_tvx_templateId string| ahm_tvx_contentId number| cbuster string| puburl string| ahm_sChain string| ahm_sURL object| d string| s object| sParent boolean| ahm_tvx_oldLoaded number| ahm_spx object| sPlayer string| ahm_tdx_sURL object| sRotd string| myPropertyId object| clientSettings object| confiant number| google_unique_id function| initActiveTab object| activeTab object| ahm_config object| ahmpb object| pubgroup_config number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart string| encoded_unit object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent735 object| ahmpbChunk object| _pbjsGlobals function| ta_getPaywallDomain function| ta_isMachineIdValid function| ta_createCookie function| ta_createCookieInDomain function| ta_readCookie function| ta_eraseCookie function| ta_eraseCookieInDomain function| ta_checkCookie function| ta_setValue function| ta_getValue function| ta_getCookiesByMatch string| ta_mac_id number| keepSubDomainInCookiesDomain undefined| ta_mac_id_cookie object| ta_mscript string| paywallScriptSrc string| ta_rnd object| body function| ta_catchEscKey function| ta_releaseEscKey function| ta_onStop function| ta_showContent function| ta_resetInterrupted function| ta_resetInterruptedTimeout function| ta_loaded number| ta_interrupted object| vfConfig object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 string| ta_MACHINE_ID string| ta_sessionString string| ta_postMessageLog boolean| ta_supportStorages object| ta_configJSON object| ta_rulesJSON object| ta_productTypesJSON object| ta_subscriptionTypesJSON boolean| ta_showWelcomePopup boolean| ta_showWelcomePopupJustOnHomepage boolean| ta_showFirstPopup boolean| ta_showPeriodPopup number| ta_periodToShow string| ta_showCustomPopup boolean| ta_showLatestPopup boolean| ta_showPaywallPopup number| ta_protectArticle number| ta_truncateArticleInAdvance boolean| ta_isFreeProduct number| ta_validateRequestStatus boolean| ta_firstPageIsNotFree string| ta_productType boolean| ta_userLoggedIn boolean| ta_isFromAllowedIp string| ta_userSubscriptions string| sKValue string| pSKValue string| challenge object| ta_MIN_THRESHOLDS undefined| ta_focus boolean| ta_shouldReopenAccountPopup boolean| ta_willReopenAccountPopup boolean| ta_delayCheckUserRefresh string| ta_externalLoginDomain string| NO_COOKIES_POPUP_TRACK_NAME string| PRIVATE_MODE_POPUP_TRACK_NAME string| WELCOME_POPUP_TRACK_NAME string| FIRST_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PRODUCTS_LEFT_POPUP_TRACK_NAME string| ONE_PRODUCT_LEFT_POPUP_TRACK_NAME string| NO_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PAYWALL_POPUP_TRACK_NAME string| ACCOUNT_POPUP_TRACK_NAME string| CLICK_EVENT_TRACK_NAME string| OPEN_EVENT_TRACK_NAME string| CLOSE_EVENT_TRACK_NAME string| LOGIN_EVENT_TRACK_NAME string| LOGIN_SUCCESS_EVENT_TRACK_NAME string| LOGIN_FAILED_EVENT_TRACK_NAME string| LOGOUT_EVENT_TRACK_NAME string| FORGOT_PASSWORD_EVENT_TRACK_NAME string| LOGIN_LINK_TRACK_NAME string| LOGOUT_LINK_TRACK_NAME string| FORGOT_PASSWORD_LINK_TRACK_NAME string| TOKEN_AUTOLOGIN_NAME string| CHANGE_PASSWORD_EVENT_TRACK_NAME string| CHANGE_PASSWORD_LINK_TRACK_NAME number| passInMd5 undefined| pubkey_e undefined| pubkey_m string| hex_chr function| ta_rhex function| ta_str2blks_MD5 function| ta_add function| ta_rol function| ta_cmn function| ta_ff function| ta_gg function| ta_hh function| ta_ii function| ta_calcMD5 function| retry function| isIE10OrLater function| detectPrivateMode function| ta_isIE function| ta_isIE7 function| ta_isIE8 function| ta_isIE11 function| ta_setClass function| ta_appendClass function| ta_getComputedStyle function| ta_truncateArticle function| ta_getPreservedImages function| ta_removePreservedImages function| ta_elementThresholdExempt function| ta_fillThreshold function| ta_articleTextCount function| ta_setElementsDisplay function| ta_hideElements function| ta_showElements function| ta_hideArticlePreview function| ta_hideProtectedMedia function| ta_showProtectedMedia function| ta_refundArticle function| ta_allowEscapeKeyIfBlocked function| ta_setClickAction function| ta_setForgotPasswordClickAction function| ta_setChangePasswordClickAction function| ta_isUserLoggedIn function| ta_checkUser function| ta_checkSubscription function| ta_openEedition function| ta_getTrackingParams function| ta_openCookiesNotEnabledPopup function| ta_showCookiesNotEnabledPopup function| ta_hideCookiesNotEnabledPopup function| ta_openPrivateModePopup function| ta_showPrivateModePopup function| ta_hidePrivateModePopup function| ta_openWelcomePopup function| ta_openPaymentAlertPopup function| ta_showPaymentAlertPopup function| ta_openProductsLeftPopup function| ta_openPagesLeftPopup function| ta_showPagesLeftPopup function| ta_showPaywall function| ta_showPopup function| ta_hidePopup function| ta_hidePaymentAlertPopup function| ta_hidePagesLeftPopup function| ta_hidePaywall function| hideAllPopups function| ta_pageReload function| ta_resetUserStatus function| ta_logout function| ta_callAfterLogoutCallback function| ta_stripToken function| ta_appendURLParam function| ta_removeQueryToFragment function| ta_getCallBackHome function| ta_appendBackground function| ta_appendInvisible function| ta_getLoginTable function| ta_fixIFrameHeight function| ta_getForgotPasswordTable function| ta_getChangePasswordTable function| ta_removeWrongLoginText function| ta_appendCookiesNotEnabledPopup function| ta_appendPrivateModePopup function| ta_appendPagesLeftPopup function| ta_appendPaywall function| ta_appendPaymentAlertPopup function| ta_loadNMUrlInIFrame function| ta_getExternalLoginLink function| ta_getExternalLogoutLink function| ta_openExternalLoginLink function| ta_openExternalLogoutLink function| ta_showLoginFormInPopup function| ta_refreshButtonsActions function| ta_showLogoutLinkInPaymentAlertPopup function| ta_showForgotPasswordFormInPopup function| ta_showChangePasswordFormInPopup function| ta_accountOptions function| ta_account function| ta_showAccountPopup function| ta_showSingleCreditButton function| ta_showPeriodCreditButton function| ta_createCORSRequest function| ta_hideForgotPasswordSubmitButton function| ta_showForgotPasswordSubmitButton function| ta_forgotPassword function| ta_forgotPasswordRequest function| ta_hideChangePasswordSubmitButton function| ta_showChangePasswordSubmitButton function| ta_changePassword function| ta_changePasswordRequest function| ta_hideLoginSubmitButton function| ta_showLoginSubmitButton function| ta_login object| lastLoginPopupTrackName function| ta_makeLoginRequest function| ta_checkToken function| ta_sendPostMessageLog function| ta_reloadWithoutToken function| ta_loginSuccess function| ta_makeLogoutRequest function| ta_makeAutoLogoutRequest function| ta_makeUserValidateRequest function| ta_makePagesRequest function| ta_validateContent function| ta_validateContentWithProductType function| ta_isHomepage function| ta_readMetaTag function| ta_getProductType function| ta_getMAX_THRESHOLDS function| ta_getMIN_THRESHOLDS function| ta_getFirstTimeNotFree function| ta_isAlreadyVisited function| ta_appendPageURL function| ta_isLocalStorageSupported function| ta_updateAccountButtonText function| ta_paywallSetup function| ta_storeLocally function| ta_getLocalValue function| ta_removeLocalValue function| ta_paywallRefresh function| ta_makeDoubleDelegate function| ta_openPaywall object| popups_style string| text string| text_in_article_default string| text_in_article undefined| popups_corners_fix undefined| popups_ie7_fix undefined| popups_shadow_fix boolean| ta_isPrivate function| ta_externalLoginIFrameOnLoad function| getIFrameByEvent object| externalIFrame object| ta_ga4_tracking_ids function| ta_gtag string| params object| aRegionType object| sPositionCookie string| domain object| GoogleGcLKhOms object| google_image_requests

210 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChoKBgjSARD3FgoFCAoQ9xYKCQj_____BxCBFw
i6.liadm.com/s Name: _li_ss
Value: CgA
.simpli.fi/ Name: suid
Value: 708312F921DC425A8575B9AF760C19C9
.normantranscript.com/ Name: _ga_7YYJFLQXWS
Value: GS1.1.1704785126.1.0.1704785126.0.0.0
.normantranscript.com/ Name: _ga_0KMP6SXSW1
Value: GS1.1.1704785126.1.0.1704785126.0.0.0
www.normantranscript.com/ Name: flipp-uid
Value: d213e357-e49b-477e-a56c-7df40e06b16d
.normantranscript.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.normantranscript.com/ Name: _gid
Value: GA1.2.1171950.1704785126
.normantranscript.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.normantranscript.com/ Name: _dc_gtm_UA-3850501-15
Value: 1
.normantranscript.com/ Name: _dc_gtm_UA-2313981-1
Value: 1
.normantranscript.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1704785126.1.0.1704785126.60.0.0
.normantranscript.com/ Name: ajs_anonymous_id
Value: a9c352f1-ae07-4acc-a8d0-ce27b1b14a02
.quantserve.com/ Name: mc
Value: 659cf4e6-8cfca-8bc79-962f9
.normantranscript.com/ Name: adbrgn
Value: JP13
.normantranscript.com/ Name: _adb
Value: a2lr611qegPHxdYpLFAE
www.normantranscript.com/ Name: csparkW_ga_39CWM68PTE
Value: GS1.1.1704785126.1.0.1704785126.0.0.0
www.normantranscript.com/ Name: csparkW_ga
Value: GA1.1.200918507.1704785127
.youtube.com/ Name: YSC
Value: dOq6vJB7xMQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: bC-pIxtKijQ
.normantranscript.com/ Name: _cb
Value: CY8f12CKAhu9IEX5o
.normantranscript.com/ Name: _chartbeat2
Value: .1704785126868.1704785126868.1.D7ybVvCipF7ttscp0hwYtvBo39EE.1
.normantranscript.com/ Name: _cb_svref
Value: external
.p.flipp.com/ Name: gid
Value: "W76/cQAKRHkYA6uoG1Skpg=="
.normantranscript.com/ Name: usprivacy
Value: 1---
.pippio.com/ Name: did
Value: d02CkCoFgKnQRvmv
.pippio.com/ Name: didts
Value: 1704785126
.pippio.com/ Name: nnls
Value:
.normantranscript.com/ Name: __qca
Value: P0-1822333331-1704785126657
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: f56bc654-6d0a-09fb-17da-f4ab86fddc09|1704785126
.sharethrough.com/ Name: stx_user_id
Value: 256397b9-b916-422d-930d-65bf42cf8abb
.primis.tech/ Name: csuuid
Value: 659cf4e72c63f
.pippio.com/ Name: pxrc
Value: COfp86wGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 847d2774-5191-4ab3-991e-b90b9f0eb740
.linksynergy.com/ Name: icts
Value: 2024-01-09T07:25:27Z
.viafoura.co/ Name: VfSess
Value: ialbjcmtq6dp1rpngobo89bepq
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.normantranscript.com/ Name: _awl
Value: 2.1704785127.5-258455f5c9bf14a7864b298d9bd9fa02-6763652d617369612d6561737431-0
.normantranscript.com/ Name: __gads
Value: ID=de2a601dec178db4:T=1704785127:RT=1704785127:S=ALNI_Mb1maAeSfDS8tLdWSYHpIqa8K1Wlw
.normantranscript.com/ Name: __gpi
Value: UID=00000cd447ba646c:T=1704785127:RT=1704785127:S=ALNI_MbaEh6fV9tkmUWpCHLW99Zb0PzusQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmX8xVyYZnS9fAh6XI65TT8aXT9HJSVhKsXrltOV3bqBJyZjgFMVPpFpMunVbs
.normantranscript.com/ Name: ta_MACHINE_ID
Value: 892e4503ad86f0faf840aba78be98641
.amazon-adsystem.com/ Name: ad-id
Value: AwalTkyx3kY7ri3gX2N2jzg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.normantranscript.com/ Name: _vfa
Value: www%2Enormantranscript%2Ecom.00000000-0000-4000-8000-ccf03dc2fd3e.149ea268-3ffa-4dad-b2c8-cd09cfbaa710.1704785127.1704785127.1704785127.1
.normantranscript.com/ Name: _vfz
Value: www%2Enormantranscript%2Ecom.00000000-0000-4000-8000-ccf03dc2fd3e.1704785127.1.medium=direct|source=|sharer_uuid=|terms=
.normantranscript.com/ Name: _vfb
Value: www%2Enormantranscript%2Ecom.00000000-0000-4000-8000-ccf03dc2fd3e.2.10.1704785127....
.viafoura.co/ Name: vfDeviceId
Value: b8e0f8cc-36b1-4b5f-a5db-c48b15952163
.smaato.net/ Name: SCM
Value: 84b0cf7915
.smaato.net/ Name: SCMaps
Value: 84b0cf7915
.bidr.io/ Name: bito
Value: AAJgvU7LOeoAABPGHEehAA
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMID
Value: ZZz06Og13FvJmt7L2nqK1gAA
.casalemedia.com/ Name: CMPS
Value: 5445
.casalemedia.com/ Name: CMPRO
Value: 5445
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3008DB03-8A32-4240-AC05-4F59925776EB
.pubmatic.com/ Name: DPSync3
Value: 1705968000%3A226_201_245%7C1704844800%3A248
.adsrvr.org/ Name: TDID
Value: 5e1cdb2f-412b-4a5e-93a4-04564d7f3206
.ladsp.com/ Name: cr
Value: 1
.bidswitch.net/ Name: c
Value: 1704785128
.bidswitch.net/ Name: tuuid_lu
Value: 1704785128
.bidswitch.net/ Name: tuuid
Value: 4799ebae-c07a-47eb-9a10-229473514984
.ladsp.com/ Name: smn_uid
Value: Vg1XAuQbXruVLKjJ1xnFRxA-NcmL4c4
.tapad.com/ Name: TapAd_TS
Value: 1704785128260
.tapad.com/ Name: TapAd_DID
Value: 25340944-7749-4ec2-8326-ce538a3d1a70
.primecaster.net/ Name: uid
Value: mK7TAkolLQ1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzA0Nzg1MTI4LCJwdWJtYXRpYyI6MTcwNDc4NTEyOH0
.ladsp.com/ Name: lum
Value: CIXX8ujOMRIFCAMQ0AUSBQgKEJAN
.360yield.com/ Name: tuuid
Value: b79bfb06-55ed-49ef-994e-6362e287e295
.360yield.com/ Name: tuuid_lu
Value: 1704785128
.openx.net/ Name: univ_id
Value: 537072971|5e1cdb2f-412b-4a5e-93a4-04564d7f3206|1704785128346863
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!223
.adnxs.com/ Name: uuid2
Value: 2338458340105893363
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1704785128386
.intentiq.com/ Name: intentIQ
Value: xDGfdaijDn
www.normantranscript.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.openx.net/ Name: pd
Value: v2|1704785128|lYvOiavyjEwMsnwJiuuIrAjIvGlQvAkqlUhIvHsP
.yahoo.com/ Name: A3
Value: d=AQABBOj0nGUCEM3y2aTUjdcc2-utdqIyfYgFEgEBAQFGnmWmZWB-yyMA_eMAAA&S=AQAAAorD5LnUnpo2jrtCaTWZVo8
.mediago.io/ Name: __mguid_
Value: 746ded22e48ffe542jgkeo00lr611rwy
.smartadserver.com/ Name: pid
Value: 4995439349706841471
.media.net/ Name: visitor-id
Value: 3477867281272444000V10
.media.net/ Name: data-pri
Value: 659cf4e72c63f~~34
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 29d4782d601c24d538d46f201ee94ef5
.intentiq.com/ Name: ASDT
Value: 0
.r-ad.ne.jp/ Name: r_ad_token
Value: 58F7PS01NBDE8006O8qw
.3lift.com/ Name: tluid
Value: 3985768900622816671989
.blismedia.com/ Name: b
Value: 659CF4E8688C2979702412A1BLIS
.zemanta.com/ Name: zuid
Value: smnb4j-Heqi0BKVqBVnq
.adtdp.com/ Name: uid
Value: AYztHK1_qfYWqrdw2HI
.adtdp.com/ Name: dynid
Value: AYztHK1_qfYWqrdw2HI
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZz06AANCqNeaQAM
.liadm.com/ Name: lidid
Value: cbe2a8d0-085d-4799-b74f-8e1060b9f021
.turn.com/ Name: uid
Value: 7001959693255496791
.lijit.com/ Name: ljt_reader
Value: H9hdBLZHYS3hASfSTXOna_W_
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: J6e8nzE01Rn6uk5
.socdm.com/ Name: SOC
Value: ZZz06MCo5tIAAFmFULYAAAAA
.adform.net/ Name: uid
Value: 4211865590473351281
.tremorhub.com/ Name: tvid
Value: 1dff9ae3716e42868936ec61c6e83d66
.tremorhub.com/ Name: tvssa
Value: 1704785129148
.w55c.net/ Name: matchopenx
Value: 5
.demdex.net/ Name: demdex
Value: 35188572564504117543816310671947166303
.dpm.demdex.net/ Name: dpm
Value: 35188572564504117543816310671947166303
.company-target.com/ Name: tuuid
Value: ed55f341-8669-4275-a151-58331487235d
.company-target.com/ Name: tuuid_lu
Value: 1704785129|ix:0
.csync.loopme.me/ Name: viewer_token
Value: 7cc5b1f4-e9b9-40a7-80e0-1002c3307362
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9b2c75f6-9fac-5378-7cb4-738379272385.CCHP65gnw2ZPa5IoWufcvcidao68Cu3P6LU%2FoCWhiV8
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9b2c75f6-9fac-5378-7cb4-738379272385.CCHP65gnw2ZPa5IoWufcvcidao68Cu3P6LU%2FoCWhiV8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Amyx19p-sU3h8tHODeScjhZJGydQ.hTri7LFkMWkFCYWH7uv08nuIKnd%2FjRNrMVryZfnJWzg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Amyx19p-sU3h8tHODeScjhZJGydQ.hTri7LFkMWkFCYWH7uv08nuIKnd%2FjRNrMVryZfnJWzg
.admanmedia.com/ Name: admtr
Value: d49758ed-d19a-4b2e-a25a-ce6b218d9546
.admanmedia.com/ Name: ac_r
Value: CS116
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMckXYUOhz35WRSNR7dF1wUz3JaPfcwtAlZXhP--bYUYEHwYBCDp6fOsBjABOgT90vuTQgROE36Q.W1g8VACqm46QOz3NDexstOaev8zTC2JINMJnh9cd3tI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMckXYUOhz35WRSNR7dF1wUz3JaPfcwtAlZXhP--bYUYEHwYBCDp6fOsBjABOgT90vuTQgROE36Q.W1g8VACqm46QOz3NDexstOaev8zTC2JINMJnh9cd3tI
.linkedin.com/ Name: bcookie
Value: "v=2&8d6bdc32-fb49-4b87-8937-a05a179b0bc4"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3058:u=1:x=1:i=1704785129:t=1704871529:v=2:sig=AQHKimE1tbYgfYq0gzIGgxZW7g91hgVu"
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LR611RYY-P-CY9Q
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004%22%2C%22nxtrdr%22%3Afalse%7D
.ads.stickyadstv.com/ Name: UID
Value: 9466225e5032ef3f2f4677a8bdd97e28
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZZz06Og13FvJmt7L2nqK1gAAFUUAAAIB
.connatix.com/ Name: cnx_userId
Value: ab54bad1d18c4ca4b250fb52ce564340
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3c1002fe-bb9c-41c0-9f0b-68218e11bef1-004%22%7D
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSNjExUllZLVAtQ1k5USIsImV4cGlyZXMiOiIyMDI0LTA0LTA4VDA3OjI1OjI5WiJ9fSwiYmlydGhkYXkiOiIyMDI0LTAxLTA5VDA3OjI1OjI5WiJ9
.ipredictive.com/ Name: cu
Value: c1eb2d68-80e3-499c-9826-555c8a5797c5|1704785129751
.creativecdn.com/ Name: u
Value: ov7pmthCnBLO0GonkKvM
.creativecdn.com/ Name: g
Value: ov7pmthCnBLO0GonkKvM_1704785129726
.creativecdn.com/ Name: ts
Value: 1704785129
www.normantranscript.com/ Name: ta_cookiesTest
Value: 1
www.normantranscript.com/ Name: ta_vl
Value: 1
www.normantranscript.com/ Name: ta_interrupted
Value: 0
www.normantranscript.com/ Name: ta_ss
Value: 938bad79472632dee3e0721c1db383f7
.normantranscript.com/ Name: _ga
Value: GA1.2.2123531324.1704785126
.normantranscript.com/ Name: _gat_UA-3850501-15
Value: 1
.criteo.com/ Name: uid
Value: f8ee7a4a-ef5c-49e3-a520-cfe6e278b8c3
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.normantranscript.com/ Name: cto_bundle
Value: q5ZC5F9vb0hRSDBNZWYlMkJTMmh6RWdJWGFhWjdHcUc4eXd3ZHVEU2NHNUYlMkJ0Qkk2NWpkJTJGc2x4ZjBpbyUyQnpYcnJsVGlGY1VqaWk3dUI2ZnRuMDFKVGkyOEhXcHZvWWl2djBRYWE2OGRLaXZWamU2OHhESHJqaEl2MEN1ZFlxY1MlMkZJR2klMkZ3ZUpxNVV0TjB1emhMWFR4enFnNEklMkI2b3lTR2olMkZrVG9jU3ZWRDZ4OWhwbUxZJTNE
.simpli.fi/ Name: uid_syncd_secure
Value: true
.smaato.net/ Name: SCMo
Value: 84b0cf7915
.smaato.net/ Name: SCM1001136
Value: 84b0cf7915
.adnxs.com/ Name: anj
Value: dTM7k!M4.gCxrEQF']wIg2E?ft*2B8!]tbG8i_jC:lq+Z*:3[eNZGE(Sin53Xt9:9SkB.3[Sb!qZ8)RoVAZb@Z9i$9]0bM4^]uQS3PVXCfeA@k<XSDz#MY/K$#?$L$6a-@AuBBLOME=^[-kX-^^zY:
.tremorhub.com/ Name: tv_UISF
Value: 708312F921DC425A8575B9AF760C19C9
.rubiconproject.com/ Name: audit
Value: 1|4GlIjCFtC/08xIK2O0GasF2O6YhEXllK7ZwnyRaeTWMRdwtRav1lhq+55YVHtI4HZRwB7sWO7TkiZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
.rlcdn.com/ Name: rlas3
Value: /ujmZxX2fD16Hb6Bn0l4z4DfFDaQt1MKgBBb4sBZ6Hk=
.rlcdn.com/ Name: pxrc
Value: CObp86wGEgUI6AcQABIFCOhHEAASBgi46wEQBA==
.agkn.com/ Name: ab
Value: 0001%3AjNYyy3UfplFt280uZD7JoyK5%2F%2BOKvw6C
www.normantranscript.com/ Name: _lr_retry_request
Value: true
www.normantranscript.com/ Name: _lr_env_src_ats
Value: false
.pro-market.net/ Name: anHistory
Value: "votq4lntcmdg+2+!#7')!*##c>"
www.normantranscript.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%225e1cdb2f-412b-4a5e-93a4-04564d7f3206%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-09T07%3A25%3A31%22%7D
www.normantranscript.com/ Name: pbjs-unifiedid_last
Value: Tue%2C%2009%20Jan%202024%2007%3A25%3A31%20GMT
.bluekai.com/ Name: bku
Value: blx99mF67sVJpWTj
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEzyme1h1AR81MaWxpx0BDWTBEzNxMkOHMzt1W1hmD189y9A59r9
.agkn.com/ Name: u
Value: C|0AAAAAAAALS-xawAAAAAA
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMLJMMTG3MEoxMzBMNjJJMTW2SDExSzMyMExNtTRJTTNlAILUOV9eg2goAABR8gtr"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInfPlNZCCAgAjDQLh"
.normantranscript.com/ Name: panoramaId_expiry
Value: 1705389931173
.normantranscript.com/ Name: _cc_id
Value: 29d4782d601c24d538d46f201ee94ef5
.normantranscript.com/ Name: panoramaId
Value: 590f0e696cec067d4788aad340af16d53938ac6d148da16f1fb0e0192ec4cf11
.tribalfusion.com/ Name: ANON_ID
Value: adnsmAuyTYEBErv6XromiZbaUX7VdrIL4JWpCMrLTbfoUXXuZdZdWnPlJpXwZbtptvUS8RTaGKMcDaap
.pro-market.net/ Name: anProfile
Value: "votq4lntcmdg+1+1f=1+1g=1+rs=s+rt=20010AC80040001E000000000000002E+s2=(s6zgmi)+vm=24-708312F921DC425A8575B9AF760C19C9:81-y-Y_CtFAFE2pSuDqhZ8FB9W60OXyZSSWsCjso-%7EA"
.uncn.jp/ Name: t
Value: v_4546b59f-30d5-4f39-ab8a-2e97f2c1778b
.analytics.yahoo.com/ Name: IDSYNC
Value: "19du~2g2v:175w~2g2v:19ba~2g2v:18z8~2g2v"
.bfmio.com/ Name: __141_cid
Value: 708312F921DC425A8575B9AF760C19C9
.bfmio.com/ Name: __io_cid
Value: 79f866a1da71c157ba40f6fa20fbc4caecb5d0cf
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 159196:4
.pubmatic.com/ Name: SyncRTB3
Value: 1709942400%3A69%7C1705622400%3A63%7C1706054400%3A35%7C1705968000%3A214_220_107_7_254_96_264_13_76_56_22_234_5_46_202_3_209_179_71_54_8_217_21_233%7C1705363200%3A223_15_2
.exelator.com/ Name: EE
Value: "dbc420dc81ae1e6d630e7494c426f3ad"
.ctnsnet.com/ Name: cid
Value: a18b0d87151d498cb87203148ed25e13
.quantserve.com/ Name: d
Value: ELYBEgHuKvijC_vLEA
.w55c.net/ Name: matchpubmatic
Value: 5
.adotmob.com/ Name: uid
Value: 0a042204003aedaecdb68b09
.adotmob.com/ Name: uuid
Value: 0a042204003aedaecdb68b09
.adotmob.com/ Name: partners
Value: IX%3A1704785131732
.c.appier.net/ Name: _auid
Value: q3TkUSa7A3uAutpb6_ScZQ
.fwmrm.net/ Name: _uid
Value: umwa933_7322570416264016235
.exelator.com/ Name: udo
Value: "gAAAAAQAAAT3KLUv%252FWD3A%252B0ZAPbspUgQjVgHABBEAFBEQBgcAJTRdT86mgKvW9sAQBCILUeGVzZ0z1Y3KPRJQ%252FocvBpVrGAfS4gJCeVFUKK%252FZLsjdDuKaPPJkJggqFOSAJAAjwBgz%252BC1ZdpJqUkOh%252FeyI2S5MMx7gT3XdEIKyXsGuymFhrAu6UMBdXZH5vT86SaWuAGDxtLz4SqcpmEYV5epOrkkueiB82COh38dVO6vcx1200qCP6GW1BGT1ogJjf8DnF5vLADDU8vzECn%252Bv%252BJfXl5evsD%252FA3jwLiQmNBY34I%252FUZU0YiECAgkPFf4m3BB9wUVPMISWRNoQVYVRzZV8XFUGwnKsZOk3WDa1K7VldIFz0vcC6mxWmYZym264OSymZ3BZEJJKSgNIg%252F3rWY15RqaCvao5OSr7hYye3iuq%252BGLRlXREU021ZyEo48pW5wuDIJ4A0B6mSgBr1HsecmhjW9CTFXGHQyENd5m%252FzIVl6c3D%252BoYDbxNKyJZAXBVNaBJVdf9tDBxcjTlRLS4vSkKEynEAZ7J2y7KEmWSeOHordo5Mi8CdGOoxdV%252BZpKLkDFMmdYbCH71CPp6mNMtkm2rytQy8tc2ZQDDUxjei8sk0UOjHvAu5PfGVYPGoP1ceall6WBKLAR9H7POy7Mh0nexuu4zSZy7YPxDKPk2Ga5uow79LBIbcrI%252FuZirBSJE%252BVkN%252FOLBcN38Hiv%252BVL7It9QcLAmzg%252F2rjVhqTxqRXBrdEoFLfe94w1iw0Y%252F69AwA%252F4iq%252Bw2PAZHafhNM5QBnaRXo1RRoR3UdlTxSpZeQ4uDQsQ2goNxA2MtsKH0JM7PX9SpNLKhrBaIKSXZNIiwb0vRpCYoPuqOizLmGjUEQwSNTXP1SnVelcTVT%252FVTEVo%252B6qUePam84%252F138FixAdqB0AgQAJClCozD%252FSFs5hk%252FsILrJG6kpGWQ07Y%252F4zIBM69z5qHPLaAc9pYEVOmX1xEsuRVOC%252FcU7YQsmv0gRcVFcCX%252BvZQtQR2bGwXMCI8AUaUC8bQSS3X9gGN8fKxD7IsvEUa8TspssZDuvkG6zvzQFz9hfpAt2QhK8zctzAn4R7nz%252BCTtDxLdey9f%252BOKJrDOKxitkXhcsSro4o01gzIcG%252Ft9cGQ%253D"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSElKdnEyCAl2cIwMdUw1SzFzNgg1dzE0gQoapZmnJiyuCy1aMHS0uLUlKRDSypySnKaVpfFhzrGuzn6evpELnPOKMrPTV0BFgpzDVpsaGSwJL8oM32RV8DiopQ0hkUlxaeCj5X1AQDDwirD"
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umwa933_7322570416264016235
.ads.stickyadstv.com/ Name: MRM_UID
Value: umwa933_7322570416264016235
.intentiq.com/ Name: IQPData
Value: 2454112724#1704785131954#0#1704785128598
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMHFlZzZOIzEwMDQzXzAmVTBxZWZvMg
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESECJ4U2lk5pGLY_7kEay6o6Q
.dotomi.com/ Name: DotomiTest
Value: 7bc6ea148415218f
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0MjQ3MDAwNbQwNDMwMTc2MhTiM9R1jHe2LAuzdM73LCgGAPLsZ5AlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0MjQ3MDAwNbQwNDMwMTc2MhTiM9R1jHe2LAuzdM73LCgGAPLsZ5AlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBibmFqaGxkaGAGAHKKIJsQAAAA
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAJgvU7LOeoAABPGHEehAA
.mathtag.com/ Name: uuid
Value: c0ae659c-f4ec-4100-9fca-8c01a6a50409
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-0G6eiOdE2oOemnEwu_U6PMKF5qTEDXg0EZ4HFP1g~A
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI1Izj_cW7yDwQBRIbCgxzaGFyZXRocm91Z2gSCwjKufmBxrvIPBAFEhcKCHB1Ym1hdGljEgsI9suqgsa7yDwQBRIWCgdydWJpY29uEgsIguWmhMa7yDwQBRIZCgpsaXZlaW50ZW50EgsI5IaajMa7yDwQBRgBIAEoAjILCNz4-dHcu8g8EAU4AVoJc3RpY2t5YWRzYAI.
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 5e1cdb2f-412b-4a5e-93a4-04564d7f3206
.adnxs.com/ Name: XANDR_PANID
Value: BnFL8i4kfevKu_JHnMCtnRYd85F3RcZMDMixuWO5-WtO07iNphXHIFHCnx-nzPbAtstjSCQwCEEQlF3bKSZNO3Z7m8bWcwntdim69ukAzv8.
.lijit.com/ Name: ljtrtb
Value: eJyrVjJSslIyN7AwNjRyszQydHE2MTJ1tDA1N3WydHQzNzNwNrR0tlTSUbIwAKrzCTIzNAyKjNQN0HWOtAxUqgUAuhoOaA%3D%3D
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 2338458340105893363
.go.sonobi.com/ Name: __uis
Value: de179920-b9ab-44ac-a039-dc07330a88b8
.go.sonobi.com/ Name: _usd_normantranscript.com
Value: c847ac68-32cf-46d8-bca3-eadf257cd9e0
.go.sonobi.com/ Name: HAPLB3A
Value: s3516|ZZz07
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: J6e8nzE01Rn6uk5
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: c1eb2d68-80e3-499c-9826-555c8a5797c5
.ads.stickyadstv.com/ Name: uid-bp-20721
Value: 6d87d065-a04b-4ee5-9e90-f21af17e933a
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: id5
Value: 5b6c565f-3210-7f3e-8d0b-e444f5e4c748#1704785133342#1
.ads.stickyadstv.com/ Name: uid-bp-41466
Value: 1f1976c2-7d12-05e5-2680-fc5663812d79

7 Console Messages

Source Level URL
Text
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://normantranscript.com/content/tncms/ads/_popup/1.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.normantranscript.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://www.normantranscript.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1595&userId=1f1976c2-7d12-05e5-2680-fc5663812d79
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://j.mrpdata.net/c.html?ex=OpenX
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
adspsp.com
ampcid.google.co.jp
ampcid.google.com
analytics.google.com
ap.lijit.com
apex.go.sonobi.com
api.intentiq.com
api.primecaster.net
api.rlcdn.com
api.segment.io
api.viafoura.co
apsoutheast-match.deepintent.com
b1sync.zemanta.com
bandborder.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bids.concert.io
bk.r-ad.ne.jp
bloximages.chicago2.vip.townnews.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
cdn-gateflipp.flippback.com
cdn-p.cityspark.com
cdn.cityspark.com
cdn.confiant-integrations.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.segment.com
cdn.viafoura.net
cdn59755463.blazingcdn.net
ce.lijit.com
cm-exchange.toast.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
cnhi-d.openx.net
config.aps.amazon-adsystem.com
connect.facebook.net
cr-p10.ladsp.com
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.media.net
cs.nex8.net
csync.loopme.me
d.adroll.com
d.agkn.com
d.turn.com
d631796cb912d060e1c81f291b4f78a0.safeframe.googlesyndication.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
ds.uncn.jp
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
dynalyst-sync.adtdp.com
e-jp.cmcd1.com
eb2.3lift.com
eus.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
geo.adspsp.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
i.liadm.com
i.simpli.fi
i.viafoura.co
i.w55c.net
i.ytimg.com
i6.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
j.mrpdata.net
japfg-trending-content.appspot.com
jnn-pa.googleapis.com
jp-u.openx.net
js-sec.indexww.com
justapinch-com-d.openx.net
lb.eu-1-id5-sync.com
lh3.googleusercontent.com
live.primis.tech
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
match.rundsp.com
match.sharethrough.com
mb9eo.publishers.tremorhub.com
mug.criteo.com
normantranscript-cnhi-pw.newsmemory.com
normantranscript.com
notifications.viafoura.co
openx2-match.dotomi.com
p.flipp.com
p.rfihub.com
pagead2.googlesyndication.com
pbid.pro-market.net
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantcount.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prod.adspsp.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb.openx.net
rtb.primis.tech
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
simplifi.partners.tremorhub.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.cnhionline.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-axelmark-dsp.focas.jp
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bfmio.com
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
tag.simpli.fi
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
video.primis.tech
www.americanhometownmedia.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.justapinch.com
www.normantranscript.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
ads.stickyadstv.com
api.rlcdn.com
cm-supply-web.gammaplatform.com
cs.nex8.net
j.mrpdata.net
match.rundsp.com
us.ck-ie.com
103.243.202.190
103.43.90.179
104.129.130.39
104.16.133.24
104.18.38.76
107.178.254.65
107.22.83.82
119.9.108.180
13.114.76.12
13.228.117.82
13.249.170.54
13.35.40.29
130.211.10.17
139.99.123.105
141.95.33.120
141.95.98.65
142.250.198.2
142.250.207.2
143.204.126.66
143.204.86.87
151.101.129.108
151.101.66.49
172.104.105.5
172.64.146.152
172.64.151.101
18.138.179.14
18.142.92.8
18.143.106.89
18.172.52.20
18.177.11.95
18.178.207.225
18.213.227.39
18.65.168.38
18.65.185.71
18.65.201.30
182.161.74.11
182.161.74.16
185.184.8.90
185.84.60.23
192.104.182.209
198.8.71.130
2001:df2:a300:bbbb::135
2001:df2:a300:bbbb::136
207.65.34.74
207.65.34.77
207.65.34.80
207.65.34.81
209.191.163.152
209.191.163.210
209.54.182.161
211.120.53.200
216.17.34.107
216.22.16.53
220.150.223.50
23.106.127.38
23.106.127.57
23.219.68.21
23.39.216.189
23.40.149.60
2404:6800:4004:808::2006
2404:6800:4004:80a::2002
2404:6800:4004:80f::200e
2404:6800:4004:811::2002
2404:6800:4004:818::200a
2404:6800:4004:818::2014
2404:6800:4004:81c::2001
2404:6800:4004:820::2003
2404:6800:4004:820::2004
2404:6800:4004:820::200e
2404:6800:4004:822::2003
2404:6800:4004:823::2001
2404:6800:4004:823::2003
2404:6800:4004:823::200e
2404:6800:4004:824::2006
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4004:824::200e
2404:6800:4004:825::2001
2404:6800:4004:825::2002
2404:6800:4004:826::2002
2404:6800:4004:826::2016
2404:6800:4008:c13::9c
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2406:da18:22e:4f04:5db4:f8ff:1a3b:fd55
2406:da18:929:5a01:4f7c:de84:79b9:a7e6
2600:1901:0:636d::1
2600:1901:0:8eee::
2600:1f18:44f0:4846:1f:94ea:f868:81bf
2600:1f18:612b:4216:bba5:fc0b:66fa:bb51
2600:1f18:ed:550f:27fd:18e1:959d:33af
2600:9000:2066:d800:6:44e3:f8c0:93a1
2600:9000:208e:5400:19:fc2c:a140:93a1
2600:9000:20c4:1400:8:2ae1:d740:93a1
2600:9000:2142:c00:18:1fcd:353:c61
2600:9000:2163:3600:8:48e:53c0:93a1
2600:9000:21b7:de00:1b:5138:8a40:93a1
2600:9000:221e:e000:1a:5235:f980:93a1
2600:9000:24db:1a00:1e:7118:9c80:93a1
2606:2800:247:1cb7:261b:1f9c:2074:3c
2606:4700:4400::ac40:90a6
2606:4700::6812:18ad
2620:116:800e:21:46d:7e81:55ff:4c12
2620:116:800e:21:6c50:dbee:bef5:203d
2620:1ec:21::14
2a02:b48:9001::1
2a02:fa8:c411:13::1370
2a03:2880:f00f:8:face:b00c:0:1
2a04:4e42:600::485
3.114.3.225
3.163.24.100
3.33.220.150
34.111.113.62
34.111.147.92
34.117.126.186
34.120.58.62
34.142.175.23
34.160.19.107
34.87.122.136
34.96.105.8
34.96.71.22
34.98.64.218
34.98.67.3
35.160.151.220
35.186.193.173
35.186.253.211
35.208.249.213
35.213.12.39
35.213.64.108
35.214.181.122
35.244.154.8
35.71.178.8
35.75.206.175
35.75.90.59
35.79.245.176
37.157.5.84
38.133.127.63
44.241.196.6
45.137.176.88
50.16.197.56
50.31.142.255
51.68.39.188
52.198.23.127
52.203.228.108
52.23.7.200
52.69.213.237
52.77.13.91
54.146.218.6
54.169.98.134
54.174.90.242
54.82.174.208
59.151.139.239
67.220.228.203
72.34.250.78
74.118.186.107
74.121.140.211
74.214.196.131
8.18.47.7
8.39.36.141
8.39.36.142
8.43.72.97
80.77.87.161
82.145.213.8
98.98.134.241
99.84.133.60
01086213890483c507b79ae1a7d227217142bbb41f6058b497ae2ebcc228c4ee
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
022e244c2aed7385ac1397b379db22d45ac98bf91cae1df06449cf48482ca1b6
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
02bd59490dcd696911c1abcc4dfa6900d8048148093d1b6cb7c4a6106770839b
03b277d30f86e04e46a9195e271d317a1916c96c2757ae42567349e4cc7e6c44
051d33dca38fbe67237e45b941bab44c6f0c7319aa17395941986119dccbfb91
063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c8415b23b653a57a7ed63581eaf397ede027ae2252c29eb485b79e423c0eca
06dab1aec38a24a4278e4107e18b2500f118e6a7897d41135c111aa9e6680ab4
07dd999818dc382e4091fdaca3a7257f181e6b3ba4bef8d68ee480699d709bef
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095b1ef40bb7748f61e916b607ea03ed8ba6675219789a0b07f7b9ed3c26555b
0a6369a1032f82fc4d7ba3fdfeecde2612012a931dd56cf5abc9f6656c33e99d
0aef24482aa52dfa1ffd5b0ff672eb4720c79d551b24ebdb00e333b4a4d9c351
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0977a72f5e6e5b6c02b9e9d51245d3b1f524322c937de89b9d6f4f6bea0e3f
0cd38dba0d957333cd373f3720f3c464ae4f11e7b4a4b05f336307badc85b1d1
0d4bb6b61deb52bb379f579fc94a35e91bd1f6e85db6b5bba4962f5600b73c86
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
0e0f3dfb7e41d5c5f8344b98d5278bfe1d083527c978230838a5530c252cbd4a
0fb599ebb57e40283301640cee83439f1d545bc5163828069a74eb79c4b05812
0fc95a4154bb5d8b3c2f37ce62f147ff7b8502de6322c9e8fe4d872505dc35e0
0ff4cafb9b65b8d737d6e8077e011fdbad534bfe228eadfe9c084a794643caa0
11b82cecfd07afec721855a27971b252588132cdaa39cba64f8f3487e00bb177
12ad3b3f691f918a13388d3af7b87e4986459f032632c91df7884f19fd43fa46
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13600829c9b194d07d3d3a311185c1c7df33d30f5f66541bf1ccf5d256cff799
13a3d63f766a04d1b7bc24c1a3a3696225912b028db642a4473da2537c8c1fe9
142ad077636af03318572fb61f37727c7c7eff7d0b4726a105cc549047841950
163cebeaefb32392ad45d89fe283332c010549639467fc75b2a720a23ffe6d43
1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e
17f3f1e442916f4ee773faee97bb40da28819a488a2873de13a398d7e39f9873
18fb162102a2c652e37038cb260f3df0620ac41dca46ffa7f63ec53fef6a92c8
1ac5edcb9ae69565b769808cfe4eac00defaf66a6f15f07cc9092c77ef1b3526
1ba6f98b55dbd4daee23962aeff7775ed48ede7d12d8134dabae34a4d88b088c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20cb7e97cdd2bd5b3175038e3c8730a3d639c7b951f803d1cd215e662eea50f8
211210d86c4464e05cff3fd6e81bdabc01f867f421b58dae107e303eaf729f1d
230f15fc8e52bc3a5a9a3fc205d59ad23d4bf9db84645a56f40934ffc559bf8f
23e146c55ea04931177672b48bfb5ec0af5c26bfd51f6b7d536e8ef748d4431e
246604eb76a4cadd037f9058d8c320c0d9035bde0fc86be2714569b67f98a70d
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
266cb8d6ad0b7d739e730a1b76d3560c5b10c75f92c42a6a8aced675a84f1829
26dd7e9b07a8f0d0622bb594a9af1f9ba33d65999bec26bc573e1f4c27c9a4a6
277f75dffe72f9c7a8e666c710bc932d1675da3329854edd9d86545c748d934c
28a0da603910f83ff3a79fe1c24e7b733b15302231957c909920acdc274cfd18
28ec26c776da41d6544fbe506dcad63aae6519f8b46ad0b9c9964560bd55aabd
293d735950af4599777142a0777e70b27268f2f19206d22ebf0c0ec19c0da2a7
2951863c221e6e09eaf9677a6b543a2f1201902d3181c6b8d44c83b08d765409
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf
2a26ff3bd97e4dac43cf30c9008bd99f10f05632e8d6ceb8fb07e10bed4c393f
2e1ffff02bf49daaaccce97d786db71c3baccef6a577565ba66023b27d9ee21e
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439
2e6606b439e178ee697a783de0b3dd9d05aec5fa3ce69956881cf6bc5d310201
2eb242462bb529ec1328dea9169bb812b1c87f5b98188dd9b9e857d9666864d1
2ebb5b743eb849a3347f8ef951f4ab7b5e9ff1c756a10040c6044fe3f1277303
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fbc10e16e9384c6f4b0fa46680c89b8d73f5c272ebae1758d70a85bc696ce2e
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
34d3c6a74f2f31ebc5f688af092fa4e6c55f6951e3a5e92e264589b6b1d4af3b
352b2a476b02629ee9b7c5eac9e330956540025df13c88698ad925af49de5b28
355a18fb2a2fadb1e1f9105046645857414a05674a949f464f72cea8d5ffbc06
3636b95d15f61f445c9454c7e75a8cd46c8d549a80d0595868280967bfc02d41
36823c4c6d7d3d2ca529127a7310acdf8fdf29275261f4ce17d5a4ecbce083d1
389f4afd84f02b4c34018b66efba9fa9cd4c80cc0aa34accdbf37ea76647ca17
38e737940b4c53b8765c5b403da9014428d0f203f10dc6bde09f2b9760acd17d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd29e17adf55d1801e9906d0ebdc070537add09e1665d70c21253a30ba84b2b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
4102ae3280be0b8e48f58421b5fe7ca55835bb2ecdc2844c36420a4df081fa87
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435567106976a4f594a31305a31c62156a9abcb62d4264af857e225ab1fd6b06
45348bc8e86424e6810773fa6a3fb6e3564d85aeaf5ac106a785005f2ffe0131
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
47a46e39967c6be675a05764b6451ebda57b54a489c26ea67545b3343a218af8
484a2c231ca4227f88d0be909fbe709df8b8a731862773340680addc199643be
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4aa0edc4e4301bf988655f910232bc0138ab0203b700ef7c01e226e090cf0290
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b45f85715e89b0a95850020a18d42b06b2ebaadc6af1db18fc42a8f1677b679
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b70b6b73e26c213b3c79ccddbce2ac9fac27d4c047963f2b84816c828b1ab0f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e20971ca76f3f3491aaaeb9ed361796ced1576fcfb42bda856bdde4070df29b
507b8427be01574d8837c96034804ca25baeb27416c6f1d04ab2b2b298425bb4
52db5b2414b37d257bb787cbefab7cadfbc282169e377e94bf256cee3f0479e3
53812a70761bb5417aaff5e06ab44c32dde8504c6aa903d4a85c2620b850b879
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
54889344c7b8ae13314e43536fc7f0ac512090cc273fb50f25f3a1fe1619056e
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004
55b133a4c0c031b61df5e33c9d3dc5845590ed3cc4ff4eee80a47f0705a00b5d
5623ea31d4c2cf29c75acaff4142d970e1ce7c3b0d827a380bba6c2621def434
5904191bceefb2eeb3a93b27faf9c6be9b3e7980c3e0b8683b76c2a7faa1baa8
59f7cb4d5bb7dc9e4f67d4ffcf0effeedca278c2a8633757e33cade6956b4865
59f8712d636ce9a4925aa0f58d97dd89715441e4d01caf74ddbbc6262dd228ad
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dfc1b003674e5e3f84da0d382d894decd8c16e77b3b0cee2ad7f8c94c2a51d0
5fbec58b96bf733df6bd682cfc5de88c9cd2e6d5bf8b7354334400a9cfecc785
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cad1384d0e8493911dc1aeb73f46f0cf59c9ebf1cbecf7c685e8a4ae74e11f
64c9f0123cb2dfcf62571c7c927bee705dbe30955a54f2cdee255de9fe2e355b
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
652b0f995e04ec831d8f49b9b1d8e0af931d5a5cb209c2802c5cf032dcf28cef
655989fe94ca275e0f40078619422fceb20039b9ebe0c68751beaa67e577c608
664a0b5d29e80da96dd3b49bde0ec7a8c8b9b18ddd9016361c24493ce8ebcf14
66d155b879d2692f6967e60ba36158650bbe309b57da05d3966248f6050b5b81
66e7656dc57ecf05b433ebae0948744b817616f643cc85099147f0cf89f21bba
676d69fb5c5c64137221079e0738e0a33d64ef61726f73d8bc25a8fa262674e6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68d87b31fdd2f187a610cd3d2be726163098788393b36fcd86c6a857d2f6c6f7
69112c889b2081fba7085c5b1725533f5c111ef3750b043eeceaddac16f1de6f
698fe2efc10b4b26dfef0265968c4ef6f11f8e902934fda1f9b242874cada90b
6aa494447f3b0b73a05eb32e516d4ae9cd74a39d5c27a2aaeec627c82e0299ef
6aab36c8b292d9d6f5c7ad710dce0f570f081ba35b3c157abda994e3b66bda47
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6e2ed1be3944f0d42c2efbc3246f3fcc83127f22ca33d6df37c701ba602e5a
6f81e0dddd996992e9b1eef330fa1dd556d2336c6eee267ebc1ff0b7c585f42a
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
74e577137c6ee8977bbbb628d420191b260e0a911928afff54c929fb68371171
77530470f30a86f2d41db8e9482dd4f0425445e9e2c8c80f68744070c6d98dbb
78bf72d4f4eafed73c424067e1c479bc0b41533f1ed6e503ffa2656e08131edc
7954c46e7d76a02168b257a49d06133db2dfbaef4e38d7299abc4e80abeeadc9
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7a4526cb39025408f18863bb357ed08947e1f952c5e5c17506d25cb1435f3e10
7b7d1c70e7f5b4c6e57077123537f6002f64bdcf9df8314eaefd083469e4ba17
7ba90db21beaf1556a38de2c69747ecc8c7ef6397dbaaf316c5a73ea1e874ab6
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7ede13a3caf648dc412db9b9cfe868fb025077ca4e3a30daaa72a761b02235dd
80ae87b5cb04548db680c3732340f44298d0855bcf61965c5904c0a528f0a5a3
80d965eb342fe979d3ba43adb9b68475485c814c7f6309922692b2af09845d69
824136cfb19ecaf39b37a1dc0058de7fd0ec77583cead5f10397685ad3bd597c
82962e8c8a6f3e66956446a352aca8fd7a486e40f507a8efbea55e29e00dac53
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
865525990fe55a62560434349db37168481f0182b78d673686837d27aa9fdc49
876dbc70e7dd041dadeada2399c6550b193025e4140bc0f74f7614f1a2b6c263
885abd095038d0b26ddf25b2d8dcb7821d1fcf71206af595bd9856b9219eaf89
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
8a2dfc3ba8de668db2c98b5234c7594d3b13f15563a829db229dd7f96695ebd3
8a86ef6cc7845f5cf0225b375fb73818b60d423b0f2d55bbba1cc5f209bf2aa6
8b0256741fe94eceb488a73ce12f09f7e7ed179ecefbaeae216bf56e6a6511af
8bd4a3f832145c2aef3424b32aeadbfc62cc27a5dcb4b13eacd07c486967e120
8bf329f48bbe7ae2d9925d4a0d9f17a9e68f8df94a72b284c6a59a7e98a50fba
8e429746559df6094ea6f6f9df774073a22685d233877a00867550317cd21577
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
90eb11bae851d7d825972550b988d515a61827205ba391c4af7e5cf804b92b63
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
932b66d634bffbb441145822206c1fd972e397848e0e7745282adfcb9e3b04ed
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
949e13f62530b313295b0926a35f686051cf5998af5a7e484fce9849c7a88f54
95a489fbeb19799c23f7e1eaf7a33dfb5b11e9d84aea469183532ce37e6afb37
95cd4ef53ea8e9098b48e232e83a491ad8b7bb31eeb8977d027c843f038a724c
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9aa6d9a63772c706b73ddbad4fdbe60f9c9bf2c5592a25880e85b48a4a4ba287
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9b6c87eccea0ce737b8767f0ec185129131006c4da525972eaa019c88bde01fd
9bbc75a0a2b151cd0d0695a5e2096cb0655302daecb12241849319087b419f46
9d85df6a99b3005d6e56743b7385026d1d376d377afba738b946f702a4a53726
9dfc3c4b38948355349caffa5614d20f172460f057597cdd9c1c2435d68b2581
9e376f2f667dc414fbb123cc230df7ec0f4633ef0c8eb360e973d65988c9bfc3
9e39d321532d4472593ff6110e51c09e688078726758971662ce3b1d26c78067
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12387bcda7d3ea874cd9930ef36f19d9258cc712394237e4be8bdec48dcc385
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a41bd7159c8860f14829ed9beb02a24e7946983e5ab1ab81bf8924e87b341561
a60b47078093749ed0a32bc8be85d6f96b8a44a48fe9580394b7c1b4304787c3
a7b17783fd3d49f11aae189304333e7dd6405d8e60102e3022b5c23f3cf9dca0
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aae40a4a56cf4bb4856494fd943282769c806a0a824a1dcf15460adc151fab7f
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
ab7bae085144691daa9987b901107ff2b5fe2cdb738bb2d1f90ca643e870b12b
aba1ce5341ce84b5199ebbc58553591f717bfb073b347c0b727567d897d19bd3
abca570d68e4d643d2db448f8c1ea05d3f52494fe08453657316a5a1054a556d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b0b34e19a5874e87ba4e68b3b13dd8876ea1c67179cb8be6ee371f98e4e544ff
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19687dfccddb020d5dfe9645e3e4ae12758d1fdefefd7cd6ef53ad378fcec3b
b2f142d0b789ec668d7c9277e3999831bd8a46e777bb327204cbf9febaf7716e
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b50a4b9bfb96a776b168e0fa287f80d268eddebf56355685ff316772db90398e
b5e658cbfac283a4d47e96d45ce03e0b2a7d71f2b4e33f9109ce6d2357d51c2f
b6147e229280b1f919a5ae67ecfdf040fa1939dd3fb131556d8e8431199b5547
b68fecbd3f031c2f5c7576e91e308647b9236e4bc4a736555aa00863ed4a0d01
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b7f7467c6c06a52e49133e22bf159ae2fe9819521717d96c492a5efcbb031e03
b9c73af1d7ce6deb846fea3f08ad7c0c7cdb591d3389944c2b8e75d7c90b0b7e
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
be210deb440885f06dafbb7ea741e0eb7f15a8d3a8b1b8ad3c778709fbac2aa2
bf8d3fa14b5d47adf87dd8d04c38bc21ed32ee69120e25bc97ba9e051a150c52
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c0ad03998f309afd3c3708f074cd29053f1e25d71bcf594af9930e33d02035a8
c15de2b5340a556c099e0154a767d50bd42c3713fe89bd5c2369def7d93767bf
c160919e1dbaeddc953c2cc9012d7d8b1f56a94904276b0b96e5c42804478819
c1be31d0e6163ca9064822b0ca7103f7281905197bc443e7e7976a983facae94
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c40fd2fa739ebc3665d2bf6cc7ea4a38aace12341c8eaa17eb99aa0b02a999c3
c5217f89b1e314cb675e0ab6f682307406ce503ffc175b3974188691ae573fba
c85ba5f8f07fe3f4b4f23b47d9dd7a8e01a583ca7cc1e3b78ba460eea75dff55
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a
c9a5dae3162a4eb28317f33c2f3c4272c24c88a6a072a75e638b5f9573442893
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cabe9557308e3a13eae86f2b87be762fe34e5de0d1bf0a18f65d156d1df781b5
cc6e5734072f66432efad80d834dd3cde9ec56d233c170a1bb382b732fe74ead
ccd5b61e7f52bc9216c948f99825c6f6fdc8510dc8e6169f217bbb5e1f9b81a1
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05f4734a0d6e06216db33ffca5a4d992cc9aa830bca1020c29871dcd313dea0
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
d442ab76d2dd07e68e77023c140f40de20506c59184bd0fdc97a390223ef70f8
d4cb91a1d316420d6c3e88ee1522801e1c73d1e2c5db2b3d6e423650a62e2deb
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d5b384efea0a5a1a7ac9274d542c7ca9592c7665d1e16b067f801caa957e3a7d
d746157f0657127a29352a836700fab4a5fb5ea3b2196161dcee931fae9cde2a
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8bd4f7f60bd5866c47163d2c0ecd3bfd3aae969bc0c0345aec523146606c98f
d985831880b545602ce6024aea996faaecaae7452c840ab45ff427083b7251cc
da6e09b9db1512aa3e0dda1cae911c3283ba82cf1036e0f42db5f0272c50e9ae
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031
dbe6a4debf74c5c92f7498df66f45284983080208f0ea969cef1c20d41ee99df
dc6d298f372b332d655c89421d6f3b61bb749794a62d84b58444545bcf41fb84
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df1fdbfee8b0f64b3a55b5542a7e2135ab0554ac00997dbd0b5009450ad3ea70
e01093f59fe5203f1089da90e7d711f974e37120201157ee9c4e5fde99957787
e0223bcc696052dd207c54b33d2f057ecbd158ff5c48e7471bd34ec3aef2fde0
e0b58950b4664f2764f38730f68ac0a69c8f1ac0d7626d773fc49c2a4db4870f
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3946ab5d921940ec1a7785bc190bdc71a16bc2e970000601d6fafb460ddc814
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e88f4cfa08aa00ee532ce905e24cd09b775c0617ca822210747e8fa52e8664e8
e99a8b2bb16e002eba81a971ff71f7eabe04c12b03cbadcfd13e3b448a8b4ebd
e99c298aed2e391077ca708a77eb5369cf9758ea39a80468c1d0e21f6b564bde
ebe2589b08c0da03f07408fa93830a50a5065a5a5ac744208c62df3a55233529
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecfa0f1a6b047f7b62901c8292d5ab6a29b5327acdc0a1cc2b05b7f1cbb2b4be
eda805dc6626b5deba39b024011953c9abe5082dcb897e2b03ce5ab2946777b3
edabefc4a9829f06cc7de4af3f3e73eaca127a1a5bba26870446c23c6b10197c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee1df9f8edf3cb7748bbd64e0212284add875f40398a4d93e854ca5a6a83f4df
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00f1907b14f2dd4d72b8f04f2718a2e55fd7e43327f58389e32870b8b7f75ac
f2133ed0543fce742aa776af79c83a913943c27b4e39d8dedcec894581fb010f
f2134f17ea7a803a1aeac4bb650ab45f0de6092a4683c9c11935a821e616193a
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f629522460d3571c15128bc851095794b7e587d98b6bf31ccc15a7afc1e7c000
fac69c9d4b28d29c23ff87532b0f70ac7012eb7438ae72249d0bafe02c74afae
fb9a1063cffa29e113b1cedbe8b0dd20fe7ca44e016828775893dba977014e50
fc46cc9f9487c7f546ad49445500404b4a5e618da338164b7f4e2da60b627d0a
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52