urlscan.io logo urlscan.io
SecurityTrails logo

anotepad.com Open in urlscan Pro
216.22.3.241  Public Scan

Go To Rescan Add Verdict Report
URL: https://anotepad.com/notes/32ay37df
Submission: On November 07 via manual from NL — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 120 IPs in 15 countries across 116 domains to perform 518 HTTP transactions. The main IP is 216.22.3.241, located in Manassas, United States and belongs to LEASEWEB-USA-WDC, US. The main domain is anotepad.com. The Cisco Umbrella rank of the primary domain is 256417.
TLS certificate: Issued by R3 on October 9th 2022. Valid for: 3 months.
This is the only time anotepad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 216.22.3.241 30633 (LEASEWEB-...)
4 104.17.25.14 13335 (CLOUDFLAR...)
7 108.139.243.7 16509 (AMAZON-02)
7 104.18.20.206 13335 (CLOUDFLAR...)
5 96.16.116.154 16625 (AKAMAI-AS)
2 142.251.12.97 15169 (GOOGLE)
3 74.125.130.95 15169 (GOOGLE)
1 172.217.194.94 15169 (GOOGLE)
3 34.110.181.170 396982 (GOOGLE-CL...)
3 142.251.10.102 15169 (GOOGLE)
1 3 13.33.88.81 16509 (AMAZON-02)
1 23.72.45.156 16625 (AKAMAI-AS)
2 104.18.16.107 13335 (CLOUDFLAR...)
6 142.251.10.157 15169 (GOOGLE)
1 1 104.26.9.50 13335 (CLOUDFLAR...)
1 104.26.6.139 13335 (CLOUDFLAR...)
1 108.139.243.47 16509 (AMAZON-02)
1 74.125.24.156 15169 (GOOGLE)
10 74.125.68.157 15169 (GOOGLE)
2 104.26.3.70 13335 (CLOUDFLAR...)
1 172.253.118.149 15169 (GOOGLE)
1 5 74.125.24.103 15169 (GOOGLE)
1 142.250.4.94 15169 (GOOGLE)
9 34.160.110.8 15169 (GOOGLE)
2 35.227.238.208 15169 (GOOGLE)
2 130.211.23.194 15169 (GOOGLE)
1 54.188.185.41 16509 (AMAZON-02)
16 17 35.71.131.137 16509 (AMAZON-02)
2 74.125.24.154 15169 (GOOGLE)
5 74.125.200.155 15169 (GOOGLE)
16 142.251.12.154 15169 (GOOGLE)
3 74.125.24.132 15169 (GOOGLE)
1 18.155.68.67 16509 (AMAZON-02)
12 172.217.194.132 15169 (GOOGLE)
1 52.36.23.219 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.22.52.86 13335 (CLOUDFLAR...)
1 3.22.200.52 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
14 13.250.192.86 16509 (AMAZON-02)
2 4 103.229.10.171 16509 (AMAZON-02)
9 34.107.140.113 396982 (GOOGLE-CL...)
3 103.231.98.193 62713 (AS-PUBMATIC)
28 13.250.173.68 16509 (AMAZON-02)
3 182.161.73.145 55569 (CRITEO-AS...)
3 12 104.18.18.126 13335 (CLOUDFLAR...)
2 24 34.98.64.218 396982 (GOOGLE-CL...)
7 25 104.254.151.69 29990 (ASN-APPNEX)
13 52.77.9.69 16509 (AMAZON-02)
7 34.202.80.64 14618 (AMAZON-AES)
3 80.77.87.217 46636 (NATCOWEB)
12 13.228.105.246 16509 (AMAZON-02)
3 72.34.250.78 27630 (AS-XFERNET)
3 74.125.24.94 15169 (GOOGLE)
2 8 51.79.234.101 16276 (OVH)
4 142.251.12.155 15169 (GOOGLE)
2 35.213.117.18 15169 (GOOGLE)
2 69.173.158.65 26667 (RUBICONPR...)
2 42.99.128.161 4637 (ASN-TELST...)
2 182.161.73.129 55569 (CRITEO-AS...)
6 6 103.229.206.240 30419 (MEDIAMATH...)
1 69.173.144.139 26667 (RUBICONPR...)
10 14 69.173.158.64 26667 (RUBICONPR...)
23 38 172.253.118.157 15169 (GOOGLE)
1 2 23.106.127.53 59253 (LEASEWEB-...)
4 6 35.190.60.146 15169 (GOOGLE)
5 11 52.46.128.147 16509 (AMAZON-02)
14 20 103.231.98.197 62713 (AS-PUBMATIC)
5 7 52.74.13.196 16509 (AMAZON-02)
12 14 35.213.12.39 15169 (GOOGLE)
1 34.236.45.231 14618 (AMAZON-AES)
6 20 139.5.84.243 27381 (CASALE-MEDIA)
5 142.251.12.148 15169 (GOOGLE)
2 104.17.119.107 13335 (CLOUDFLAR...)
4 23.72.44.183 16625 (AKAMAI-AS)
3 23.72.44.196 16625 (AKAMAI-AS)
6 23.15.148.136 16625 (AKAMAI-AS)
2 104.18.13.76 13335 (CLOUDFLAR...)
1 54.192.150.55 16509 (AMAZON-02)
6 6 18.178.91.110 16509 (AMAZON-02)
8 8 103.231.98.194 62713 (AS-PUBMATIC)
1 2 23.106.127.52 59253 (LEASEWEB-...)
1 1 74.214.196.131 19189 (PULSEPOINT)
2 13.228.50.99 16509 (AMAZON-02)
4 5 185.84.60.30 198622 (ADFORM)
2 2 69.173.151.100 26667 (RUBICONPR...)
1 1 23.36.252.26 16625 (AKAMAI-AS)
4 4 34.227.51.174 14618 (AMAZON-AES)
6 6 35.227.202.26 15169 (GOOGLE)
5 6 107.178.244.193 15169 (GOOGLE)
2 2 18.155.68.53 16509 (AMAZON-02)
4 4 89.207.22.108 41041 (VCLK-EU-SE)
2 4 35.186.253.211 15169 (GOOGLE)
3 202.131.200.84 17941 (BIT-ISLE ...)
4 4 50.116.239.135 6336 (TURN-US-ASN)
3 3 202.241.208.54 4694 (IDCF IDC ...)
4 4 13.33.88.71 16509 (AMAZON-02)
1 13.33.88.61 16509 (AMAZON-02)
4 104.16.201.58 13335 (CLOUDFLAR...)
3 3 175.41.187.173 16509 (AMAZON-02)
1 1 18.177.254.176 16509 (AMAZON-02)
2 2 13.33.88.32 16509 (AMAZON-02)
1 1 3.114.121.152 16509 (AMAZON-02)
2 3 213.180.193.90 208722 (GLOBAL_DC)
12 23.66.153.10 16625 (AKAMAI-AS)
2 151.101.129.108 54113 (FASTLY)
2 13.49.167.89 16509 (AMAZON-02)
2 103.231.98.196 62713 (AS-PUBMATIC)
2 2 2.20.137.181 16625 (AKAMAI-AS)
21 54.192.150.46 16509 (AMAZON-02)
12 16 67.199.150.85 62713 (AS-PUBMATIC)
3 3 66.155.71.149 13768 (COGECO-PEER1)
2 3 52.220.14.31 16509 (AMAZON-02)
2 4 52.41.79.126 16509 (AMAZON-02)
1 23.73.13.201 16625 (AKAMAI-AS)
1 35.84.109.80 16509 (AMAZON-02)
4 104.16.118.195 13335 (CLOUDFLAR...)
8 8 67.202.105.21 32748 (STEADFAST)
1 2 67.202.105.31 32748 (STEADFAST)
1 4 13.229.186.111 16509 (AMAZON-02)
2 3 54.239.38.253 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
2 182.161.73.136 55569 (CRITEO-AS...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 104.18.19.126 13335 (CLOUDFLAR...)
2 104.18.12.76 13335 (CLOUDFLAR...)
2 52.220.237.110 16509 (AMAZON-02)
1 184.27.123.25 20940 (AKAMAI-ASN1)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
10 14 67.199.150.86 3257 (GTT-BACKB...)
3 3 151.101.130.49 54113 (FASTLY)
1 1 18.138.18.111 16509 (AMAZON-02)
1 182.161.73.146 55569 (CRITEO-AS...)
1 1 139.162.58.205 63949 (LINODE-AP...)
1 1 35.186.193.173 15169 (GOOGLE)
2 18.177.223.79 16509 (AMAZON-02)
1 3.1.14.27 16509 (AMAZON-02)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 35.214.236.176 15169 (GOOGLE)
1 38.91.45.7 398989 (DEEPINTENT)
4 4 35.230.38.116 396982 (GOOGLE-CL...)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 2 18.177.178.108 16509 (AMAZON-02)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 104.254.150.228 29990 (ASN-APPNEX)
1 54.65.116.136 16509 (AMAZON-02)
28 104.16.12.64 13335 (CLOUDFLAR...)
6 34.117.239.71 396982 (GOOGLE-CL...)
4 4 74.118.186.45 26120 (RHYTHMONE)
1 2 119.9.108.180 45187 (RACKSPACE...)
1 1 13.228.240.119 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 18.176.234.133 16509 (AMAZON-02)
518 120
2    216.22.3.241 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: anotepad.com
anotepad.com
4    104.17.25.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    108.139.243.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-7.mxp63.r.cloudfront.net
cdn.anotepad.com
7    104.18.20.206 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
d.pub.network
5    96.16.116.154 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-116-154.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
cw.addthis.com
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
3    74.125.130.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f95.1e100.net
fonts.googleapis.com
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
3    34.110.181.170 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.181.110.34.bc.googleusercontent.com
curvedhoney.com
3    142.251.10.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f102.1e100.net
www.google-analytics.com
3    13.33.88.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-81.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    23.72.45.156 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-156.deploy.static.akamaitechnologies.com
z.moatads.com
2    104.18.16.107 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
6    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
www.googletagservices.com
googleads4.g.doubleclick.net
1    104.26.9.50 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    104.26.6.139 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    108.139.243.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-47.mxp63.r.cloudfront.net
static.adsafeprotected.com
1    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
stats.g.doubleclick.net
10    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
securepubads.g.doubleclick.net
2    104.26.3.70 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.253.118.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f149.1e100.net
ad.doubleclick.net
5    74.125.24.103 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f103.1e100.net
www.google.com
1    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
www.google.co.nz
9    34.160.110.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.110.160.34.bc.googleusercontent.com
c.pub.network
2    35.227.238.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.238.227.35.bc.googleusercontent.com
api.floors.dev
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    54.188.185.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-185-41.us-west-2.compute.amazonaws.com
id.hadron.ad.gt
17    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
adservice.google.co.nz
5    74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
adservice.google.com
16    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
1    18.155.68.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-67.sin52.r.cloudfront.net
hb.undertone.com
12    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
1    52.36.23.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-23-219.us-west-2.compute.amazonaws.com
id.sharedid.org
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.22.52.86 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    3.22.200.52 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-200-52.us-east-2.compute.amazonaws.com
prod.uidapi.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
14    13.250.192.86 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
4    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
cms.quantserve.com
pixel.quantserve.com
9    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
3    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
28    13.250.173.68 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
c2shb.pubgw.yahoo.com
3    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
12    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
24    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
freestar-d.openx.net
jp-u.openx.net
us-u.openx.net
25    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
lax1-ib.adnxs.com
13    52.77.9.69 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
7    34.202.80.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-80-64.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
3    80.77.87.217 (Clifton, United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
12    13.228.105.246 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
btlr.sharethrough.com
3    72.34.250.78 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
8    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
4    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
2    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
2    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    42.99.128.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-128-161.pacnet.net
qsearch-a.akamaihd.net
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
6    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
14    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-apac.rubiconproject.com
token.rubiconproject.com
38    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
cm.g.doubleclick.net
2    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
6    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
11    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
20    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
14    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    34.236.45.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-45-231.compute-1.amazonaws.com
cs.emxdgt.com
20    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
5    142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net
s0.2mdn.net
2    104.17.119.107 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
4    23.72.44.183 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    54.192.150.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-55.sin2.r.cloudfront.net
cdn.undertone.com
6    18.178.91.110 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-91-110.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
8    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    13.228.50.99 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-50-99.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
5    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
hbx.media.net
4    34.227.51.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-51-174.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
6    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
2    18.155.68.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-53.sin52.r.cloudfront.net
aa.agkn.com
4    89.207.22.108 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-login-ds.dotomi.com
yieldmo-match.dotomi.com
pubmatic-match.dotomi.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    202.241.208.54 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
4    13.33.88.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-71.sin2.r.cloudfront.net
cr-p3.ladsp.com
1    13.33.88.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-61.sin2.r.cloudfront.net
rules.quantcount.com
4    104.16.201.58 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
3    175.41.187.173 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-187-173.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    18.177.254.176 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-254-176.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
2    13.33.88.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-32.sin2.r.cloudfront.net
cr-p1.ladsp.com
1    3.114.121.152 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-121-152.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
3    213.180.193.90 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
PTR: bs.yandex.ru
an.yandex.ru
12    23.66.153.10 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-153-10.deploy.static.akamaitechnologies.com
ssl.connextra.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
2    13.49.167.89 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-49-167-89.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2.20.137.181 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-137-181.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
21    54.192.150.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-46.sin2.r.cloudfront.net
usr.undertone.com
16    67.199.150.85 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    52.220.14.31 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-14-31.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
4    52.41.79.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-79-126.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    23.73.13.201 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-201.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    35.84.109.80 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-109-80.us-west-2.compute.amazonaws.com
beacon.krxd.net
4    104.16.118.195 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
8    67.202.105.21 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.31 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
4    13.229.186.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-186-111.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
2    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
2    52.220.237.110 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-237-110.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    184.27.123.25 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-27-123-25.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
14    67.199.150.86 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    139.162.58.205 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1471-205.members.linode.com
gocm.c.appier.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    18.177.223.79 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-223-79.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
1    3.1.14.27 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    104.18.25.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.214.236.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.236.214.35.bc.googleusercontent.com
csync.loopme.me
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    18.177.178.108 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-178-108.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
1    54.65.116.136 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-116-136.ap-northeast-1.compute.amazonaws.com
rtb.gumgum.com
28    104.16.12.64 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
4    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
1    13.228.240.119 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-240-119.ap-southeast-1.compute.amazonaws.com
i.w55c.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
Apex Domain
Subdomains		 Transfer
66 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 724
image8.pubmatic.com — Cisco Umbrella Rank: 886
ads.pubmatic.com — Cisco Umbrella Rank: 732
image2.pubmatic.com — Cisco Umbrella Rank: 1407
image6.pubmatic.com — Cisco Umbrella Rank: 922
image4.pubmatic.com — Cisco Umbrella Rank: 1503
simage2.pubmatic.com — Cisco Umbrella Rank: 979
simage4.pubmatic.com — Cisco Umbrella Rank: 1586
40 KB
56 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264
ad.doubleclick.net — Cisco Umbrella Rank: 208
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 320
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 367
244 KB
52 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1180
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1519
ups.analytics.yahoo.com — Cisco Umbrella Rank: 407
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 715
8 KB
33 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 743
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666
dsum.casalemedia.com — Cisco Umbrella Rank: 2183
26 KB
32 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 313
acdn.adnxs.com — Cisco Umbrella Rank: 880
lax1-ib.adnxs.com — Cisco Umbrella Rank: 3240
cdn.adnxs.com — Cisco Umbrella Rank: 2040
secure.adnxs.com — Cisco Umbrella Rank: 690
162 KB
28 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 9669
320 KB
28 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3636 Failed
freestar-d.openx.net — Cisco Umbrella Rank: 13918
jp-u.openx.net — Cisco Umbrella Rank: 7685
rtb.openx.net — Cisco Umbrella Rank: 2255
us-u.openx.net — Cisco Umbrella Rank: 683
5 KB
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
152 KB
27 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 681 Failed
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2815
pixel.rubiconproject.com — Cisco Umbrella Rank: 483
eus.rubiconproject.com — Cisco Umbrella Rank: 826
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1250
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 27708
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1289
token.rubiconproject.com — Cisco Umbrella Rank: 1059
45 KB
23 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4342
cdn.undertone.com — Cisco Umbrella Rank: 9079
usr.undertone.com — Cisco Umbrella Rank: 5951
10 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 457
9 KB
16 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1351 Failed
x.bidswitch.net — Cisco Umbrella Rank: 415
8 KB
16 pub.network
a.pub.network — Cisco Umbrella Rank: 7409
d.pub.network — Cisco Umbrella Rank: 8195
c.pub.network — Cisco Umbrella Rank: 8196
449 KB
14 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1473
events-ssc.33across.com — Cisco Umbrella Rank: 3641
5 KB
14 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 412
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1256
10 KB
14 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1559
match.sharethrough.com — Cisco Umbrella Rank: 756
9 KB
13 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 946
11 KB
12 connextra.com
ssl.connextra.com — Cisco Umbrella Rank: 7971
14 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 17
adservice.google.com — Cisco Umbrella Rank: 134
3 KB
9 t13.io
s2s.t13.io — Cisco Umbrella Rank: 5691
2 KB
9 anotepad.com
anotepad.com — Cisco Umbrella Rank: 256417
cdn.anotepad.com
44 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1095
4 KB
7 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 25645
ecs.mantisadnetwork.com — Cisco Umbrella Rank: 46023
2 KB
6 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 20824
cr-p1.ladsp.com — Cisco Umbrella Rank: 127483
3 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 712
980 B
6 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1394
866 B
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 818
3 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 723
3 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 866
gum.criteo.com — Cisco Umbrella Rank: 481
dis.criteo.com — Cisco Umbrella Rank: 941
8 KB
6 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 899
idsync.rlcdn.com — Cisco Umbrella Rank: 578
938 B
6 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 20584
adservice.google.co.nz — Cisco Umbrella Rank: 86771
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 1002
2 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
149 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1432
2 KB
4 glotgrx.com
pre.glotgrx.com — Cisco Umbrella Rank: 7781
483 B
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 285
3 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1319
i.w55c.net — Cisco Umbrella Rank: 2541
3 KB
4 yabidos.com
pixel.yabidos.com — Cisco Umbrella Rank: 7865
50 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1214
2 KB
4 dotomi.com
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 6557
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4676
1 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1051
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 903
cdn.indexww.com — Cisco Umbrella Rank: 2284
3 KB
4 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2623
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 805
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1182
1 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1410
cms.quantserve.com — Cisco Umbrella Rank: 989
pixel.quantserve.com — Cisco Umbrella Rank: 911
11 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
169 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
39 KB
4 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2247
m.addthis.com — Cisco Umbrella Rank: 2262
cw.addthis.com — Cisco Umbrella Rank: 5307
142 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361
112 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 784
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 916
868 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1112
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 930
2 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3452
1 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1530
3 KB
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 4474
729 B
3 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2786
sync.go.sonobi.com Failed
5 KB
3 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 2285
717 B
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1895
api.btloader.com — Cisco Umbrella Rank: 2068
105 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 207
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
3 curvedhoney.com
curvedhoney.com — Cisco Umbrella Rank: 68551
28 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
3 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1916
854 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6413
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1124
718 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1486
s.tribalfusion.com — Cisco Umbrella Rank: 3468
1 KB
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 15177
440 B
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2070
361 B
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2274
hde.tynt.com — Cisco Umbrella Rank: 5631
4 KB
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 2391
690 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 759
1 KB
2 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 4646
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
58 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2767
592 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1469
id5-sync.com — Cisco Umbrella Rank: 678
17 KB
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 12467
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 2067
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2083
92 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
120 KB
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 27089
548 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3919
173 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1759
527 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1753
209 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4946
463 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5674
390 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1443
44 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1264
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7375
279 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2319
230 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 16302
459 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 3582
395 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 18116
652 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 5294
420 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 982
694 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 3232
366 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 815
571 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 774
338 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 760
448 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1774
271 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 4180
460 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 164766
358 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1196
1 KB
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1890
643 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 813
842 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1377
67 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3901
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3817
8 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3578
903 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 5292
269 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 2630
325 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 747
466 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 9652
450 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 598
1 KB
0 rundsp.com Failed
match.rundsp.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 nex8.net Failed
cs.nex8.net Failed
518 116
Domain Requested by
38 cm.g.doubleclick.net 23 redirects onetag-sys.com
googleads.g.doubleclick.net
ads.yieldmo.com
jp-u.openx.net
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
28 c.bannerflow.net ssl.connextra.com
c.bannerflow.net
28 c2shb.pubgw.yahoo.com a.pub.network
21 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
ads.pubmatic.com
eus.rubiconproject.com
20 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
20 image8.pubmatic.com 14 redirects onetag-sys.com
ads.pubmatic.com
19 ib.adnxs.com 7 redirects a.pub.network
googleads.g.doubleclick.net
acdn.adnxs.com
17 match.adsrvr.org 16 redirects a.pub.network
14 simage2.pubmatic.com 10 redirects ads.pubmatic.com
14 image4.pubmatic.com 12 redirects ads.pubmatic.com
14 x.bidswitch.net 12 redirects onetag-sys.com
14 c2shb.ssp.yahoo.com a.pub.network
13 ads.yieldmo.com a.pub.network
ads.yieldmo.com
13 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
googleads.g.doubleclick.net
anotepad.com
www.googletagservices.com
12 ssl.connextra.com anotepad.com
ssl.connextra.com
12 us-u.openx.net 2 redirects jp-u.openx.net
hde.tynt.com
us-u.openx.net
12 btlr.sharethrough.com a.pub.network
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
anotepad.com
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
11 s.amazon-adsystem.com 5 redirects onetag-sys.com
ssum-sec.casalemedia.com
us-u.openx.net
10 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
anotepad.com
9 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
cdn.undertone.com
ssum-sec.casalemedia.com
9 jp-u.openx.net a.pub.network
jp-u.openx.net
us-u.openx.net
9 pixel.rubiconproject.com 5 redirects onetag-sys.com
9 s2s.t13.io a.pub.network
onetag-sys.com
hde.tynt.com
9 c.pub.network a.pub.network
8 ssc-cms.33across.com 8 redirects
8 image2.pubmatic.com 8 redirects
8 onetag-sys.com 2 redirects a.pub.network
onetag-sys.com
7 cdn.anotepad.com anotepad.com
cdn.anotepad.com
6 events-ssc.33across.com hde.tynt.com
us-u.openx.net
eus.rubiconproject.com
6 lax1-ib.adnxs.com anotepad.com
cdn.adnxs.com
6 pixel.tapad.com 5 redirects
6 odr.mookie1.com 6 redirects
6 match.prod.bidr.io 6 redirects
6 eus.rubiconproject.com a.pub.network
eus.rubiconproject.com
cdn.undertone.com
hde.tynt.com
6 ups.analytics.yahoo.com 4 redirects onetag-sys.com
us-u.openx.net
6 sync.mathtag.com 6 redirects
6 a.pub.network anotepad.com
a.pub.network
securepubads.g.doubleclick.net
5 c1.adform.net 4 redirects ads.pubmatic.com
5 s0.2mdn.net anotepad.com
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
s0.2mdn.net
5 mantodea.mantisadnetwork.com a.pub.network
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.co.nz securepubads.g.doubleclick.net
5 www.google.com 1 redirects anotepad.com
tpc.googlesyndication.com
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
4 um.simpli.fi 4 redirects
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
us-u.openx.net
4 token.rubiconproject.com 4 redirects
4 pre.glotgrx.com mantodea.mantisadnetwork.com
4 idsync.rlcdn.com 2 redirects cdn.undertone.com
ads.pubmatic.com
4 dpm.demdex.net 2 redirects cdn.undertone.com
ssum-sec.casalemedia.com
4 pixel.yabidos.com mantodea.mantisadnetwork.com
pixel.yabidos.com
4 cr-p3.ladsp.com 4 redirects
4 ad.turn.com 4 redirects
4 rtb.openx.net 2 redirects jp-u.openx.net
4 sync.srv.stackadapt.com 4 redirects
4 acdn.adnxs.com a.pub.network
anotepad.com
4 googleads.g.doubleclick.net 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
anotepad.com
4 www.googletagservices.com a.pub.network
anotepad.com
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
4 cdnjs.cloudflare.com anotepad.com
3 sync.1rx.io 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 sync.crwdcntrl.net 2 redirects
3 pixel-sync.sitescout.com 3 redirects
3 an.yandex.ru 2 redirects 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
3 pm.w55c.net 3 redirects
3 tg.socdm.com 3 redirects
3 sync-dsp.ad-m.asia jp-u.openx.net
ads.pubmatic.com
3 ads.pubmatic.com a.pub.network
ads.pubmatic.com
3 www.gstatic.com anotepad.com
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
3 apex.go.sonobi.com a.pub.network
3 colossusssp.com a.pub.network
3 freestar-d.openx.net a.pub.network
3 htlb.casalemedia.com a.pub.network
3 bidder.criteo.com a.pub.network
3 hbopenbid.pubmatic.com a.pub.network
3 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects a.pub.network
anotepad.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 curvedhoney.com a.pub.network
curvedhoney.com
3 fonts.googleapis.com cdn.anotepad.com
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
anotepad.com
2 uipglob.semasio.net 1 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 pool.admedo.com 2 redirects
2 pippio.com 2 redirects
2 dps.jp.cinarra.com ads.pubmatic.com
us-u.openx.net
2 d.adroll.com ssum-sec.casalemedia.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 cms.quantserve.com 2 redirects
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 googleads4.g.doubleclick.net anotepad.com
2 secure-assets.rubiconproject.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 protected-by.clarium.io anotepad.com
2 cdn.adnxs.com anotepad.com
2 cr-p1.ladsp.com 2 redirects
2 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
2 yieldmo-match.dotomi.com 2 redirects
2 aa.agkn.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 match.sharethrough.com
2 js-sec.indexww.com a.pub.network
2 biddr.brealtime.com a.pub.network
2 id.rlcdn.com 2 redirects
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 static.criteo.net a.pub.network
static.criteo.net
2 qsearch-a.akamaihd.net
2 grid.bidswitch.net a.pub.network
2 fastlane.rubiconproject.com a.pub.network
2 api.btloader.com freestar-io.videoplayerhub.com
2 api.floors.dev a.pub.network
2 ad-delivery.net anotepad.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 www.googletagmanager.com anotepad.com
www.googletagmanager.com
2 s7.addthis.com anotepad.com
s7.addthis.com
2 anotepad.com cdnjs.cloudflare.com
1 bk.r-ad.ne.jp 1 redirects
1 tr.blismedia.com us-u.openx.net
1 i.w55c.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.quantserve.com
1 rtb.gumgum.com ads.pubmatic.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 csync.loopme.me ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ipac.ctnsnet.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 s.company-target.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 px.ads.linkedin.com
1 hde.tynt.com a.pub.network
1 de.tynt.com 1 redirects
1 beacon.krxd.net cdn.undertone.com
1 tags.bluekai.com cdn.undertone.com
1 cw.addthis.com cdn.undertone.com
1 pixel.advertising.com 1 redirects
1 cc.adingo.jp 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 pixel-apac.rubiconproject.com 1 redirects
1 hbx.media.net 1 redirects
1 ssbsync.smartadserver.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 cdn.undertone.com a.pub.network
1 cs.emxdgt.com a.pub.network
1 pixel-eu.rubiconproject.com onetag-sys.com
1 secure.quantserve.com a.pub.network
1 id5-sync.com cdn.id5-sync.com
1 prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 hb.undertone.com a.pub.network
1 id.hadron.ad.gt a.pub.network
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 www.google.co.nz anotepad.com
1 ad.doubleclick.net anotepad.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.adsafeprotected.com curvedhoney.com
1 btloader.com anotepad.com
1 freestar-io.videoplayerhub.com 1 redirects
1 z.moatads.com s7.addthis.com
1 d.pub.network a.pub.network
1 fonts.gstatic.com fonts.googleapis.com
0 match.rundsp.com Failed us-u.openx.net
0 sync.go.sonobi.com Failed
0 cs.admanmedia.com Failed cdn.undertone.com
0 cs.nex8.net Failed jp-u.openx.net
0 oajs.openx.net Failed
0 api.rlcdn.com Failed a.pub.network
518 183
Subject Issuer Validity Valid
anotepad.com
R3		 2022-10-09 -
2023-01-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.anotepad.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.pub.network
E1		 2022-10-31 -
2023-01-29		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
curvedhoney.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.confiant-integrations.net
E1		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
api.floors.dev
GTS CA 1D4		 2022-10-03 -
2023-01-01		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2022-10-20 -
2023-01-18		 3 months crt.sh
id.hadron.ad.gt
Amazon RSA 2048 M02		 2022-10-31 -
2023-11-29		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.undertone.com
Amazon		 2022-09-03 -
2023-10-01		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-10-06 -
2023-01-04		 3 months crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
s2s.t13.io
GTS CA 1D4		 2022-09-27 -
2022-12-26		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.yieldmo.com
Amazon		 2022-09-12 -
2023-10-12		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2022-09-13 -
2023-10-12		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2022-09-08 -
2023-10-10		 a year crt.sh
*.sharethrough.com
Amazon		 2022-10-24 -
2023-11-21		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.connextra.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-26 -
2023-05-26		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.adroll.com
Amazon		 2021-12-18 -
2023-01-15		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2022-09-17 -
2022-12-16		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh

This page contains 73 frames:

Primary Page: https://anotepad.com/notes/32ay37df
Frame ID: 84779DB59F2B2B2B0A520AF0E75CAB61
Requests: 185 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CA6D085BE5609218D3720B6EB15ED9DB
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: FB2EF62EE8E46700C49875647EA5F52E
Requests: 1 HTTP requests in this frame

Frame: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 771D2A7C5AE0E35ABA681F63FCA88B61
Requests: 1 HTTP requests in this frame

Frame: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: A64B2F626AC9D77B76C79415FFD1B51C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D1FDF86FE6E2AF92CAAD8204722EFC13
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E47E087AE5141B6E1D667CE00F59536
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FA39AAD89082AFE46D878AE41E2B8EA9
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: C2A5E6632292DB35726A72AB16737515
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E8CFCB15D22A12882391254CF3EBA92E
Requests: 2 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24UID
Frame ID: 3E7337808351808A7EA1596D7DB4456F
Requests: 1 HTTP requests in this frame

Frame: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 2F813063DD90DC67D2A485714C6B658E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBDml7T5Axj905fUATAB&v=APEucNXwzpAKbTiD3FoX5IrfjsCpmluUhei1ug7hV49Id8oPYiDb1-8ej9hypbKYJqFrNYb5B7OSlJzHzwbxZU2ybE7UOEYKlw
Frame ID: 014E905A0A8993E1BA85C87E3B4FB191
Requests: 5 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825422608&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Frame ID: F080804E9B29F560AEB9FA66606663FE
Requests: 6 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: A19C8283D355DB015079407B780B7A48
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 87F478556A0786D0C6C4FFF3318E026F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A2CF5FF4347C2491EC46FD45A1A39616
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 194C9E3185FFA6A6483044BDC64161A8
Requests: 3 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: 35E5CA5551911B58A8600156ED5F06D8
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: CD996F88BD907D92056D18E319F07FA3
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EBAF93C8F715A35A09018A214E36FE8F
Requests: 10 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825423174&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Frame ID: BA995C7641EB7D125B51B3A7337E09F0
Requests: 6 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 23F8F6762EBE577E40F707AFABD434AA
Requests: 6 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: E110397D2EF56D429B4CDA1D196ABE55
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F54CE1AB5B85E93512622BBF414FC2FB
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 911FDCFBC9675D2A5D4991E35D6B5F3B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 040F0E0FF8C0A07CA9DD911DC3FB9B30
Requests: 15 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: F960968DF1536BFD6A92F744315FDA07
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: BAF0B6190979DF76B18C89530C0D0E43
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC3F6B0FB74F3DD1CF65378AA97073FE
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqOIe6UVHeHoIV6o00qxOvMp--_hE7q1I9n4AJW-EoHPdUI0n4Atjr3loguEblxtkZtgiSi5VkmVXnOB2uoIq8tjaUcWHsnh8aihJn7RV-rfhWdp8elNQ3qHPto9ySaM66Lj7xVEXBD3m2vvJMQF1KjhNd5cfb859SMDMIO4FotMJ0f1Zmkc1-iPeXUdtoCtDvzjizLej2zqYVGxz10JRh0Q4MngitEgn7aUty9o8LNPA2Jcr6n0pwuiTETlq-mVhvkrHDk3fvJNNQYDOAOCY8lRkaxu_n2A2bm5-bMJz0x4MjiF3l0d0K-KcWGzbFM9B3V0KN5prUqhZI&sai=AMfl-YQ1N9QCvp6aw_PQdwjg07GWzSM9TeBef1_O5vAwMSJU0UXRXEtvVDaUEd6xqKgRCxDiY86N1Q0OPrWkx_8ZwYxet3S1L27LZTYns3NE9oC3d95rv5Gr8emxqppHppHd&sig=Cg0ArKJSzOkx3yUKaAy7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 507E15B5EE5971CB45B887654CC40E4E
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 67550E4D7D0B72A5A6A3253DFD728B65
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 0E54EA6ADC0A74DDB7DEC2DEEA6B0E77
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6D0DF390B3F7CE5AD36A288EB7ACFBF8
Requests: 10 HTTP requests in this frame

Frame: https://ssl.connextra.com/Videoslots/selector/client?client=Videoslots&placement=DDM_APN_CAS_ACQ_NZ_300x250&_cb=708776318&apnauc=6395989821403982122&bidid=6395989821403982122&dspid=3bc1d7fd2e&tclk=https://lax1-ib.adnxs.com/click?pCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA./bcr=AAAAAAAA8D8=/cnd=%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNMQVgxOjU1Mzc=/bn=93919/clickenc=
Frame ID: 86EA08A976B7A69030D4F647F45C2811
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7125&pub_id=863137
Frame ID: 3B3EE097A5A0C56A379F8A0913FC0520
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 88570E61FB0F4FAF63018A0A50CA4018
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 3761BFB0ACED9CA02C05AB0786DABE44
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/Videoslots/selector/client?client=Videoslots&placement=DDM_APN_CAS_ACQ_NZ_300x250&_cb=708776318&apnauc=6395989821403982122&bidid=6395989821403982122&dspid=3bc1d7fd2e&tclk=https://lax1-ib.adnxs.com/click?pCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA./bcr=AAAAAAAA8D8=/cnd=%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNMQVgxOjU1Mzc=/bn=93919/clickenc=
Frame ID: BB4F0EE4B132B0F0C507C24DA743C667
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7125&pub_id=863137
Frame ID: 14FC54970CE1AB7F4FE92373759C3FA7
Requests: 3 HTTP requests in this frame

Frame: https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&e=wqT_3QL1DvDtdQcAAAMA1gAFAQiO_qObBhCrmYnC9OKs7TcYhpCdyqjQqosUKjYJRs56mOxZ2j8RBmPx5MZuyz8ZAAAAAClcCUAhKSIamdvP0T8psmg6Oxkc4T8xAAAAoJmZuT8wzc_nCjjVN0CYOUgCUL_2prkBWL69Q2AAaJi7XHjf3QWAAQGKAQNVU0SSAQNVU0SYAcoHoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCAxNDgzMTU1LCAwKTt1ZignaScsIDc2NzMxOTcsIDApO3VmKCdnJywgMTkxNTI3NTksIDApOwE9PHMnLCAyNzg3NTM1ODUsIDAJPzByJywgMzg4NjEwODc5BRbwi5ICqQQhMzIxZGdBakJpZWNaRUxfMnBya0JHQUFndnIxRE1BSTRBRUFBU0pnNVVNM1A1d3BZQUdELUJHZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JaUUQ0RkI0YzRUX0JBV1VBLUJRZUhPRV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FlMnExQVAxQWVPLWd6LVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElzc2F0SlJBTEdBSXRBAUPQTG9EQ1V4QldERTZOVFV6Ti1BRDJTLUFCUGlNeWdtSUJQeU15Z21RQkFHWUJBR2dCQlRCQkEBOQkBCHlRUQkJAQEYTmdFQVBFRQELCQFgQ0lCYUVya0FYNi16NllCYkhpOVlRQnFRVQkfGEFEd1A3RUYBDVBZRzl5NnpfQkJjM016R3pjZF9BX3kuKAAAOQkoCQEIRFpCEXfIUEFfNEFYY29RUHdCZmYta0FuNEJaUERXb0lHQTFWVFJJZ0dCSkFHQVpnR0FLRUdtcG1aAQIsN1Qtb0JnU3lCaVFKCVQFAQBSBQYJAQBaCQcFAQBoBQYFAUBDNEJnby6aApkBIXh4VnNWdzotAihMNjlReUFBS0FBeBltBDg2MmUBFDBEWkwwawVPJQUAMT00AEYRGAxBQUFHHRgARx0YAEgdGAxIZ0FpLkEC8Gl3Li7YAp5I4AKd_1vqAiNodHRwczovL2Fub3RlcGFkLmNvbS9ub3Rlcy8zMmF5MzdkZvICEQoGQURWX0lEEgcxNDgzMTU18gISCgZDUEdfSUQSCDE5MTUyNzU58gISCgVDUF9JRBIJMjc4aVIQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYSAHNzY3MzE5N_IBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCkgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDxcOTAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xMTYuOTAuNzQuMjAzqAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEAMgEANIEDjczMjAjTEFYMTo1NTM32gQCCAHgBAHwBL_2prkBiAUBmAUAoAX___________8BwAUAyQUAoZYYAPA_0gUJCQUL8EwAAADYBQHgBQHqBRcKDWZzX2FkX3Byb2R1Y3QSBmJhbm5lcvAF9PEl-gUECAAQAJAGAJgGAKIGDjcxMjUjTEFYMTo2MzAyuAYAwQYAAAFOKPA_0AapJdoGFgoQAQ8uAQBgEAAYAOAGAfIGhwEI-vs-EoABMXhObVFsb0G72ERBQWtDQlFFSS10dklCaENiMGJzQ0dJMzR4UUlnQnlnQVFLLVNyd1ZJNkxTdkJWRFpMMWllTVg22QIAZ1XZDEFBQUmtWixKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhZyyMFkAAyAff3QXSBw0tJwQ5QAG-CNoHBgkn8F7gBwDqBwIIAPAHluQLighGCkIAAAGEUiROsDfasxdIQkyr1LBbZw_BJeQwWjrqG_WgStmeuAYPL1s2-b_edYFyxtrhovOMzcogmKSyGVD06Lojan0QAZUIAACAP5gIAQ..&s=fedf0423aa58e152e5c8ea08bba150aef4ac46fb&bdref=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df,https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&
Frame ID: 8F068C2FDC8564B4D29FBCFA2B5F494B
Requests: 5 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Frame ID: 153AD1252A299C4EDC294CB2F2D3CACD
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: AB4650B2BDA1DB952FDA7511AC3BCACA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anotepad.com
Frame ID: 29D785A4B72052629CD1DAA05941AC9A
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent=
Frame ID: CA9E03A2F6DD00FF0F4E0ED5BB8BF778
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Frame ID: C1D69F82D630C43EA64641EA1D73BC5D
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 5BCB3C1ECB4F1BB0380FB6848FAE1F1C
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Frame ID: DF6B562D517D56508AE5335F00A1F44E
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Frame ID: 23DB2F7F6C1592B730150D85DC3CD801
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Frame ID: 8A1C367FB2137E271F9EE41FDA66DF78
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8F81103844B2D259A4EF9B477CE358A9
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Frame ID: BE863A253F9359BC6E903558A7EE9BD9
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 1C7A6AEE105B6350C395FDBBA6543EA5
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Frame ID: CAAFC78FDF4D2F69B87FC12B7C597E8A
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Frame ID: 4D765DCABEA9CD26B4AF39AE00A6E59C
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Frame ID: BBA693741D12138937A8805D8D34A041
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Frame ID: 4075AF97390F5CB6502FAA8BA1D3269D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 2FB06A51C5D8A1ACFC526601C90877ED
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 722F0B7D158D617493C4837D9D7C17A0
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: B076595C2907B9CD49D811835DBAC4E2
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 7CA9D82C0B091B3426E5D61B8F982217
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 30183ABBB9C071CE6A928FE3B66A0E9C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 724EE7B549FDA902CB3E7DE2EFC040FA
Requests: 1 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Frame ID: 1DC14F0E593B64E9C18D4362B306B53E
Requests: 15 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Frame ID: BCEA6CE1BC0E362588802D8471DC565E
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15382550933627157751/728x90/728x90_aws_banner.html
Frame ID: 6BFA8929756A1E2CA70F168478B1D005
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 178FAAC8E60351F2EB7706000443EDDB
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: E467D7B0F79789CD36E906B1273FF55C
Requests: 12 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004
Frame ID: DC98416035BA74D30D0B606356F8E757
Requests: 1 HTTP requests in this frame

Frame: blob://https://ssl.connextra.com/105e45cd-79ca-45b1-ac5a-5eb7ccf75aad
Frame ID: E135DFBB0B6F33D369C62D03D3E7B684
Requests: 1 HTTP requests in this frame

Frame: blob://https://ssl.connextra.com/434115c4-eaf1-4ecc-b29a-58ca276a7635
Frame ID: 2709AE1D6D5668D68AD8B55EC1152AD2
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2F1b53a974-18d2-4422-930f-2a8579ca537c.jpg&w=321&h=563&q=85&f=webp&rt=contain
Frame ID: B51E9195FF302C48B23A744303D69887
Requests: 5 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2F1b53a974-18d2-4422-930f-2a8579ca537c.jpg&w=321&h=563&q=85&f=webp&rt=contain
Frame ID: F09A842EE722F2ED682F473850AE5B23
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Flight ticket price from Tehran to Najaf - Online Notepad

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

518
Requests

75 %
HTTPS

0 %
IPv6

116
Domains

183
Subdomains

120
IPs

15
Countries

2689 kB
Transfer

7965 kB
Size

193
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 29
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1667825417015&ns_c=UTF-8&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&c8=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1667825417015&ns_c=UTF-8&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&c8=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&c9=
Request Chain 74
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&rid=esp&cc=1
Request Chain 166
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 167
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=fecc6368-ff0f-4500-8782-ef9de7e74b2d&gdpr=1&gdpr_consent=
Request Chain 169
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1447531807871813638
Request Chain 171
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhFIkVFQIvHwQxeXD8AhBIpA7_J48gCFk0g
Request Chain 173
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCI_-o5sGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 174
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=O-oRwzYQXGzF4CzjnVUfTZF_ORQ-_KIBP5CDy2Y-4mU
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGcdp1OUF2PEfP25iwoW65M&google_cver=1
Request Chain 178
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent=
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1&C=1
Request Chain 198
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2j-ELQHPsPZv3bjUYpljgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
Request Chain 199
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECeXAXz8Yj0kXQwAAaBwdcs&google_cver=1
Request Chain 200
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ0NzUzMTgwNzg3MTgxMzYzOA%3D%3D
Request Chain 220
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDOTBrN0cwZjRBQUJfdGdTblFCdw&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC90k7G0f4AAB_tgSnQBw&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cshr%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC90k7G0f4AAB_tgSnQBw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cshr%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cshr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5107663499214103132&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC90k7G0f4AAB_tgSnQBw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5107663499214103132%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dshr%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=5107663499214103132&gdpr=0&gdpr_consent=&bee_sync_partners=shr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAC90k7G0f4AAB_tgSnQBw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAC90k7G0f4AAB_tgSnQBw&gdpr=0
Request Chain 222
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6175201927420910676&ssp=themediagrid
Request Chain 223
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LA6S718R-H-JE1C&gdpr=0
Request Chain 224
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3108270277444370000V10
Request Chain 228
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=1447531807871813638&pn_id=an
Request Chain 229
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=YTbg-sP2TNVaGVKyssoX_HRaSss&gdpr=&gdpr_consent=
Request Chain 230
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=14323083-42d2-4ecd-8a59-be6a0c1ecd3d&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524138275672831780&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dyieldmo%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524138275672831780&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dyieldmo%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=10f90be7-2fc3-48af-b44a-471735ad387f&ssp=yieldmo&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524138275672831780&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209460804328003676604&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524138275672831780&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
  • https://ads.yieldmo.com/sync?userid=fc240e64-2c43-4293-a491-f4a75f6549c2&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Request Chain 232
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g9163c1f9ba564c926ff HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=aecd6e24-a5c6-432b-b87d-76314db61f68
Request Chain 233
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LA6S718R-H-JE1C
Request Chain 234
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=4cdbf1dc2d812062&is_secure=true&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAALXEaF39AMIQMmhHTOAAAAAAA&expiration=1667911825&is_secure=true
Request Chain 236
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g1c16bcd983f7de09596 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=aecd6e24-a5c6-432b-b87d-76314db61f68
Request Chain 237
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=6tV1AYqSSLBHjMFoFpEXBXRaSss&gdpr=&gdpr_consent=
Request Chain 239
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=sbJruLT7ww0cVEfSKzuMag==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 241
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=fecc6368-ff0f-4500-8782-ef9de7e74b2d
Request Chain 242
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3170436936017303866&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 243
  • https://match.adsrvr.org/track/cmf/openx?oxid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0&gdpr_consent=
Request Chain 244
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2j-EMCo5s4AAKt1bv4AAAAA
Request Chain 245
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYs24KYSfKVlks8ADwG0vBd2O88AAAGEUiRbzQ
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELTkqqrkujz4sgteiM5KKmo&google_cver=1
Request Chain 249
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=sbJruLT7ww0cVEfSKzuMag==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=fecc6368-ff0f-4500-8782-ef9de7e74b2d
Request Chain 252
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2666033777751808314&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 253
  • https://match.adsrvr.org/track/cmf/openx?oxid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0&gdpr_consent=
Request Chain 254
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2j-EMCo5sIAAHUkLZsAAAAA
Request Chain 255
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfGEo2-EQhS0ks8ADwG0vBd2P88AAAGEUiRb0w
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELTkqqrkujz4sgteiM5KKmo&google_cver=1
Request Chain 260
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=aecd6e24-a5c6-432b-b87d-76314db61f68
Request Chain 267
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=aecd6e24-a5c6-432b-b87d-76314db61f68
Request Chain 269
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENusNUgCOqeDToLCzLfL4VE&google_cver=1&google_push=ASkJ3FbuVBJn8q1SI-B4mblK9hzNJHCJ1c6DmPkDJ_ICXF2wh12YJywFOYitZ-pZfT52naUI1EkOGzK2kBNgco5JkAd6t4jBoff2Dnk9sWqXbbSoCQvczNBJG9Rt6rnk0_X14SS25MEs2Kh6sShFQxEV9cI HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENusNUgCOqeDToLCzLfL4VE&google_cver=1&google_push=ASkJ3FbuVBJn8q1SI-B4mblK9hzNJHCJ1c6DmPkDJ_ICXF2wh12YJywFOYitZ-pZfT52naUI1EkOGzK2kBNgco5JkAd6t4jBoff2Dnk9sWqXbbSoCQvczNBJG9Rt6rnk0_X14SS25MEs2Kh6sShFQxEV9cI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RU1BbWJMbDgxT1MxQTU1&google_gid=CAESENusNUgCOqeDToLCzLfL4VE&google_cver=1&google_push=ASkJ3FbuVBJn8q1SI-B4mblK9hzNJHCJ1c6DmPkDJ_ICXF2wh12YJywFOYitZ-pZfT52naUI1EkOGzK2kBNgco5JkAd6t4jBoff2Dnk9sWqXbbSoCQvczNBJG9Rt6rnk0_X14SS25MEs2Kh6sShFQxEV9cI
Request Chain 270
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEBan_aaXL642oexneRndVls&google_cver=1&google_push=ASkJ3Fa3xds2Luu9zyQAPFvJJ0uvBanTuuF8VKeUgtxkBQSK0bLu-NIPL0X6HAzHi8siV0SzIR88V6gJ3pTfWbVVlQbFk_3AgAhu-ImhRynp5J2DPF02qr5klGKfhpTvHVkIyXgJuXdvJZm4Fd0EB9lOMdM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3Fa3xds2Luu9zyQAPFvJJ0uvBanTuuF8VKeUgtxkBQSK0bLu-NIPL0X6HAzHi8siV0SzIR88V6gJ3pTfWbVVlQbFk_3AgAhu-ImhRynp5J2DPF02qr5klGKfhpTvHVkIyXgJuXdvJZm4Fd0EB9lOMdM
Request Chain 271
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3FYXRwkLtIYbUwLEJGpSgPFR9GIVyClWPR7LxHkWNo0BNgLw_uHQmw1B5dKOwb38kCcfNRI8VIArzgzbY2H9sbjZOrYMNl4ee7NXrdWrrQtq3q1TYyRBpBK7quf5rCoY-Vl0is7fRwmNZZwGMvs6Svw&google_gid=CAESEBNxRrSrDb6HTS6q-kTQgco&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=ASkJ3FYXRwkLtIYbUwLEJGpSgPFR9GIVyClWPR7LxHkWNo0BNgLw_uHQmw1B5dKOwb38kCcfNRI8VIArzgzbY2H9sbjZOrYMNl4ee7NXrdWrrQtq3q1TYyRBpBK7quf5rCoY-Vl0is7fRwmNZZwGMvs6Svw&google_gid=CAESEBNxRrSrDb6HTS6q-kTQgco&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FYXRwkLtIYbUwLEJGpSgPFR9GIVyClWPR7LxHkWNo0BNgLw_uHQmw1B5dKOwb38kCcfNRI8VIArzgzbY2H9sbjZOrYMNl4ee7NXrdWrrQtq3q1TYyRBpBK7quf5rCoY-Vl0is7fRwmNZZwGMvs6Svw&google_hm=Ad5bi9lsIN4iks8ADv76PiwkX8A
Request Chain 272
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPe1Z0KiaEPVUj5yIAvaA0A&google_cver=1&google_push=ASkJ3FYaBqngQD4NUQ0mMr48rA10mul9nWoKPxbtmIumh2FH-lUNsDinEYHCQ0e9VuDkk8nFJx7vIC9T3dpCH4PhDkri050lgtUZH6rv17mw_GQwvd8dIO87K997P7DHjWPqytC0bRgd522SaeQCq4u0eQU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYaBqngQD4NUQ0mMr48rA10mul9nWoKPxbtmIumh2FH-lUNsDinEYHCQ0e9VuDkk8nFJx7vIC9T3dpCH4PhDkri050lgtUZH6rv17mw_GQwvd8dIO87K997P7DHjWPqytC0bRgd522SaeQCq4u0eQU&google_hm=WTJqLUVjQ281czBBQVBWcEJOWUFBQUFB
Request Chain 273
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEMZocYXBxNsJEepmK2W366s&google_cver=1&google_push=ASkJ3FaAKNXE5_7z7z6RYZLyYme5MmIdT1vr5-mNcC5TvmcH-qr-l9R7DJOG4cXuskAwjnXqeJSIop_fJLwfqZdrmsU4IiHQrt3NwFt76UTp6PFfcV2bubyVPhzTgW25oH9KW2hb50pBap653etkP0YdSb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FaAKNXE5_7z7z6RYZLyYme5MmIdT1vr5-mNcC5TvmcH-qr-l9R7DJOG4cXuskAwjnXqeJSIop_fJLwfqZdrmsU4IiHQrt3NwFt76UTp6PFfcV2bubyVPhzTgW25oH9KW2hb50pBap653etkP0YdSb0&google_hm=abe6d8ee1230d0783d6850ccc87d12ba
Request Chain 274
  • https://an.yandex.ru/mapuid/google/CAESEDqlw1VtilrkMCIKASTQL_Q?ext-param=ASkJ3FZPArTms9HqLdJ8gH9wPzWdWNcT3cB0OZWuMdn4mGxOk-sWpWYXxVOjHlAlMhKatMI4kIv_-NxJed8q_4PnRDsvL88k0rTeHnJ7akB1mzcoBrEbttl0Uw1SYV5U_aMxIv_RcWs4Bh6JrE6SHPqyJtEQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEDqlw1VtilrkMCIKASTQL_Q?redir-setuniq=1&ext-param=ASkJ3FZPArTms9HqLdJ8gH9wPzWdWNcT3cB0OZWuMdn4mGxOk-sWpWYXxVOjHlAlMhKatMI4kIv_-NxJed8q_4PnRDsvL88k0rTeHnJ7akB1mzcoBrEbttl0Uw1SYV5U_aMxIv_RcWs4Bh6JrE6SHPqyJtEQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDqlw1VtilrkMCIKASTQL_Q&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 275
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZUfDHn1F5hhddYkxAzk3wlZzP5fPvUoV3b7l2wUTLsKRit4p2t1tlj-WHsmd96jX-VSjrY3FrV17rE6msSOwfLoN-WxqQHe_8-5hIGkD8FyJ_ScHpRchzB9BKrchc19iaIfK-iUQ-nOCqCGay0-EOD?google_gid=CAESEFi-dx4aIx7Qy3iz88KxKfY&google_cver=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZUfDHn1F5hhddYkxAzk3wlZzP5fPvUoV3b7l2wUTLsKRit4p2t1tlj-WHsmd96jX-VSjrY3FrV17rE6msSOwfLoN-WxqQHe_8-5hIGkD8FyJ_ScHpRchzB9BKrchc19iaIfK-iUQ-nOCqCGay0-EOD?google_gid=CAESEFi-dx4aIx7Qy3iz88KxKfY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fc240e64-2c43-4293-a491-f4a75f6549c2&&google_push=ASkJ3FZUfDHn1F5hhddYkxAzk3wlZzP5fPvUoV3b7l2wUTLsKRit4p2t1tlj-WHsmd96jX-VSjrY3FrV17rE6msSOwfLoN-WxqQHe_8-5hIGkD8FyJ_ScHpRchzB9BKrchc19iaIfK-iUQ-nOCqCGay0-EOD
Request Chain 278
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 279
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 289
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 290
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 291
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1447531807871813638
Request Chain 292
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=258986a3-1dd2-4640-90a5-14a20f8e9682
Request Chain 293
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-z4o2mKZE2uEI1hoIy8ekMnM.ZFLUcwVa~A
Request Chain 294
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=aecd6e24-a5c6-432b-b87d-76314db61f68&ttl=1670417424
Request Chain 295
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LA6S718R-H-JE1C
Request Chain 297
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkJBMUMwOUMtOENENC00OTM0LThCQkEtQUQzQzcwREE5QzJF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 298
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a
Request Chain 299
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-eVaSTF1E2uGV1w.yBEeB33i_xZSYu2r4Pw.rcBM-~A
Request Chain 301
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=4bsdjqwqbccx9qtwk2lqzo3fu HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4bsdjqwqbccx9qtwk2lqzo3fu
Request Chain 303
  • https://idsync.rlcdn.com/403716.gif?partner_uid=4bsdjqwqbccx9qtwk2lqzo3fu HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3b229ee2-d03a-4c43-a559-8b96c1b9d708
Request Chain 347
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Request Chain 351
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bbKSG2YzRkywCiUijFUM7Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bbKSG2YzRkywCiUijFUM7Q
Request Chain 352
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/amZOOkLx5N1g2j81g5SqEQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9014975176109573877
Request Chain 353
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uHLWG2o0SiSeV3D5j9J3wQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uHLWG2o0SiSeV3D5j9J3wQ
Request Chain 354
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=ZDM4YzljNWEyMmNiODhkYzVlOWFlMDljYzQ4YjEzMjE3ZDg0NDU0Zg&google_cm HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFz_aoXEISYBSz9li5K3k-s&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2UzcxOFItSC1KRTFD&google_push=
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPy7hgK70Jd4nct3e9lkzq4&google_cver=1
Request Chain 356
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent=&expires=30
Request Chain 357
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA6S718R-H-JE1C
Request Chain 358
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2UzcxOFItSC1KRTFD
Request Chain 365
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2j-ELQHPsPZv3bjUYpljgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
Request Chain 366
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417425&gdpr=0&gdpr_consent=
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
Request Chain 368
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB&dcc=t
Request Chain 369
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB
Request Chain 370
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3e116b3e-d2a7-036e-2abdccb7
Request Chain 371
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=NtxKD2aJTQYt1kgPNY1RAmKJGFItiU9TOd8phXua
Request Chain 372
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1447531807871813638
Request Chain 374
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417426&gdpr=0&gdpr_consent=
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
Request Chain 376
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB&dcc=t
Request Chain 377
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2j-ELQHPsPZv3bjUYpljgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
Request Chain 380
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683463826&external_user_id=e5942ac9-15b6-4f9f-a1d0-c65df4a77304
Request Chain 381
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VqA0OO2CTj1jmXkEhs-heHRaSss
Request Chain 385
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent=
Request Chain 386
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fecc6368-ff0f-4500-8782-ef9de7e74b2d&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 387
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y2j-EgAGTIs6agAO HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2j-EgAGTIs6agAO&gdpr=0&gdpr_consent=&_test=Y2j-EgAGTIs6agAO HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 388
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1447531807871813638&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 389
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xq51zsjdhgk HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 390
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x7-2Q5fqsUrc7bdNxuqtTsO64h3ctLRNwO5_Itiu HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 392
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JuyJllLzRP5fddEZArGtwXRaSss HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 394
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hUCdsSvsBUCtDCbFEv9oYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 395
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=15989db9f61442c79a4145281c70897b HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 397
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EMAmbLl81OS1A55&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 399
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 403
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5CD9ABE038A94558A4EDA8DC9C7BD82B&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i-8BdLZKTg6CIxwUGvemOw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 405
  • https://idsync.rlcdn.com/420486.gif?partner_uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=565a60a2125d62208428c469df44259f06262657d7aa6a246b16bda1c95d8ffa791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1NjVhNjBhMjEyNWQ2MjIwODQyOGM0NjlkZjQ0MjU5ZjA2MjYyNjU3ZDdhYTZhMjQ2YjE2YmRhMWM5NWQ4ZmZhNzkxNDI2YjU0MTdkY2UyMRAAGgwIkv6jmwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1NjVhNjBhMjEyNWQ2MjIwODQyOGM0NjlkZjQ0MjU5ZjA2MjYyNjU3ZDdhYTZhMjQ2YjE2YmRhMWM5NWQ4ZmZhNzkxNDI2YjU0MTdkY2UyMRAAGgwIkv6jmwYSBAgCEABCAEoA&google_gid=CAESEME6gZ7atujZ3DmBzNa0zRU&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=2218b310-3bed-4d17-a611-7e4f5f07a76d
Request Chain 406
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fecc6368-ff0f-4500-8782-ef9de7e74b2d
Request Chain 407
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEJFRjAxNzQtQjY0QS00RTBFLTgyMjMtMUMxNDFBRjdBNjNC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK_0jnOvaTjmfRy-Lmwt59A&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 409
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EFB58C39959848CF98FAFE5E90FBBA3A HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 411
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Request Chain 412
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6175201927420910676
Request Chain 413
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7osKyzxE2uV2NV5nR88USJ_7vlKf8s0-~A&gdpr=0&gdpr_consent=
Request Chain 414
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fc240e64-2c43-4293-a491-f4a75f6549c2 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fc240e64-2c43-4293-a491-f4a75f6549c2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5a23bee7-cf80-482b-83af-8635d41aecd9&user_group=1&ssp=pubmatic&bsw_param=fc240e64-2c43-4293-a491-f4a75f6549c2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fc240e64-2c43-4293-a491-f4a75f6549c2&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 415
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2666033777751808314&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 416
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=167d5ef7982920a8&is_secure=true&networkId=17100&version=1&nuid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmhe7Dh2e-gNIpIfVAAAAAAA&expiration=1667911827&nuid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 417
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1447531807871813638
Request Chain 419
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EOPXzZ1yIvSljRgADwAAEpIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EOPXzZ1yIvSljRgADwAAEpIAAAAB&dcc=t
Request Chain 420
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2j-EOPXzZ1yIvSljRgADwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
Request Chain 421
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417426&gdpr=0&gdpr_consent=
Request Chain 422
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2j_EOPXzZ1yIvSljRgADwAAEpIAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
Request Chain 424
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2666033777751808314
Request Chain 425
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9B4E31979F8D4E72B480B22951A5C75C
Request Chain 426
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y2j-EOPXzZ1yIvSljRgADwAA%264754?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2j-EOPXzZ1yIvSljRgADwAA%264754
Request Chain 434
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LA6S718R-H-JE1C HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LA6S718R-H-JE1C
Request Chain 457
  • https://x.bidswitch.net/sync?ssp=sortable HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fc240e64-2c43-4293-a491-f4a75f6549c2&ssp=sortable&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524138275672831780&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dsortable%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=10f90be7-2fc3-48af-b44a-471735ad387f&ssp=sortable&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524138275672831780&ssp=sortable&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207460804328003677870&ssp=sortable&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524138275672831780&ssp=sortable&gdpr=&gdpr_consent= HTTP 302
  • https://s2s.t13.io/setuid?bidder=bidswitch&gdpr=&gdpr_consent=&us_privacy=&uid=fc240e64-2c43-4293-a491-f4a75f6549c2
Request Chain 461
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 462
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1667825427329.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 463
  • https://ssc-cms.33across.com/ps/?_=1667825427329.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=212025377257192
Request Chain 464
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=fc240e64-2c43-4293-a491-f4a75f6549c2 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=fc240e64-2c43-4293-a491-f4a75f6549c2&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 465
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1667825427329.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=fecc6368-ff0f-4500-8782-ef9de7e74b2d
Request Chain 466
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 467
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1667825427329.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=1447531807871813638
Request Chain 476
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1667825428861 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3307588191 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/aecd6e24-a5c6-432b-b87d-76314db61f68 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004
Request Chain 477
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 479
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=8BEF0174-B64A-4E0E-8223-1C141AF7A63B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=10f90be7-2fc3-48af-b44a-471735ad387f%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=10f90be7-2fc3-48af-b44a-471735ad387f%2C
Request Chain 482
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=9B4E31979F8D4E72B480B22951A5C75C
Request Chain 485
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=EMAmbLl81OS1A55
Request Chain 486
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y2j-EgAGTIs6agAO
Request Chain 488
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=51LCoT007BDAY008SkuH
Request Chain 491
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=5107663499214103132
Request Chain 494
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LA6S718R-H-JE1C HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LA6S718R-H-JE1C HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LA6S718R-H-JE1C&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

518 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 32ay37df
anotepad.com/notes/ 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.22.3.241 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
anotepad.com
Software
Microsoft-IIS/10.0 /
Resource Hash
aa9b104349488eae675c7bffc141d805121107e76a10f1215ef9f5069ea67d71
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
7345
content-type
text/html; charset=utf-8
date
Mon, 07 Nov 2022 12:50:13 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/ 		119 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://anotepad.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
417143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16120
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-1da71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwuDYOe%2FUKtAZD%2FoCRF%2Fb37fY%2FMsDpK%2BEZk1AcuTXMVTngVcgjQgEdcBR7XAumO0efagzSQIaU0OMH%2B7U4ZzmLgDO7aAJL6sXfO2LhPkyByXdBsK2%2FFbMHL0sxGIRy%2BBP5kuR4o6"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76663186bb35a831-SYD
expires
Sat, 28 Oct 2023 12:50:14 GMT
site-css
cdn.anotepad.com/bundles/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.anotepad.com/bundles/site-css?v=4hu3a1rsFp3t7IDaLit_XEsdHIVqr-K1iQ_z2Iuwybs1
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-7.mxp63.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
fe7d3629df2573982a89639c7f273039095ba42bf6c2d6ab00af2ffa0539e567
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 05:53:42 GMT
content-encoding
gzip
via
1.1 fcd8545d1b62265bb65a45721c43e6ac.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 05:53:43 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
MXP63-P3
age
2271390
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-cache
Hit from cloudfront
cache-control
public
x-amz-cf-id
KwuKhQKbyL0EK5ML9nP2Itk_vGg7LJ84_--UuTAm4_pWzF6v-vkHbw==
expires
Thu, 12 Oct 2023 05:53:43 GMT
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

Referer
Origin
https://anotepad.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2000
x-guploader-uploadid
ADPycduVffItkyYjSyIr3TRVxxM-mmpt__1gqTXKmmye5h7r3BtVr11i9tMqypQnRYWir2CkZX3DxWYoo6t33XV3FlXSjA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 28 Oct 2022 14:36:10 GMT
server
cloudflare
etag
W/"816783146b3907e634d0e822ca759864"
vary
Accept-Encoding
x-goog-hash
crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-generation
1666967770269941
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
2096
cf-ray
766631866856fb80-AKL
expires
Mon, 07 Nov 2022 13:50:14 GMT
anotepad.svg
cdn.anotepad.com/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/images/anotepad.svg
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-7.mxp63.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
00a1081b52175533a7f3b857f50cd13add6909e438464b56998e51d827ada440
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 05:53:43 GMT
content-encoding
gzip
via
1.1 fcd8545d1b62265bb65a45721c43e6ac.cloudfront.net (CloudFront)
last-modified
Sat, 13 Feb 2021 21:52:25 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
MXP63-P3
age
197790
etag
W/"8fdbe283522d71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
x-cache
Hit from cloudfront
cache-control
max-age=604800
x-amz-cf-id
eKziYmBd_TMiyAokawvZElOPdO_rdbfoibPD0g1Wna_QGBokAShs5Q==
pubfig.min.js
a.pub.network/anotepad-com/ 		165 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/anotepad-com/pubfig.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ced260cba8dbd420fa2a127062350d681174c4ed26cdf80ce1c64014b7694f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
227331
x-guploader-uploadid
ADPycdu89KqZCeTnbw71WnveUHeT_RgrS1tJ0i6Wrw-j0RQfu_3BW1Kzzp4Jbts-R7MOY-uirf7oX6WECP7BfxXU76ABMQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 04 Nov 2022 20:33:34 GMT
server
cloudflare
etag
W/"104d87eff83ff0174df4fd9370be49a7"
vary
Accept-Encoding
x-goog-generation
1667594013928584
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Bmmdqw==, md5=EE2H7/g/8BdN9P2TcL5Jpw==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
168966
cf-ray
7666318a0e63fb88-AKL
expires
Mon, 07 Nov 2022 13:20:14 GMT
badge_applestore.png
cdn.anotepad.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/images/badge_applestore.png
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-7.mxp63.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 13:38:54 GMT
via
1.1 fcd8545d1b62265bb65a45721c43e6ac.cloudfront.net (CloudFront)
last-modified
Sun, 12 Jan 2020 18:32:03 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
MXP63-P3
age
256280
etag
"82bdb9576c9d51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
x-cache
Hit from cloudfront
cache-control
max-age=604800
accept-ranges
bytes
content-length
3050
x-amz-cf-id
ICMxm18EVNobdBDT_U4Zu4VtgAuaWr_aA7SHp_8-M7j3mq_ulIQzxw==
badge_playstore.png
cdn.anotepad.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/images/badge_playstore.png
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-7.mxp63.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 18:02:07 GMT
via
1.1 fcd8545d1b62265bb65a45721c43e6ac.cloudfront.net (CloudFront)
last-modified
Sun, 12 Jan 2020 18:32:03 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
MXP63-P3
age
432387
etag
"bf8eda9576c9d51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
x-cache
Hit from cloudfront
cache-control
max-age=604800
accept-ranges
bytes
content-length
3709
x-amz-cf-id
MrbQ1vhYlK7gHz5hn04sVHf1x2qdEzglQnKZenUez_T9A4IWMrPvCg==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://anotepad.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
808761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5Z1vc0MicqAbKysJMr4cdg1lFT63oQ0yD6r2VycG47dj5X8HOW59P4WnvzxiTnY7IHs2RQTgz%2FFvK4oX9x3iOfqOumD9KzLpM842pNVicx7PrCFeXTbMdH59lz4gMaVn44idT3B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
766631875bbaa831-SYD
expires
Sat, 28 Oct 2023 12:50:14 GMT
jquery-ui.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://anotepad.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1626873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57137
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-3dee5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzDzZK%2B9l9Kh5ofoMl%2FAuz%2FQEdm19kpF6pmwYVv2mKhCvUqiCAO8W3Vy6J%2BtRKUBlUJ00O84MZDIIlki10ac%2BBW9nE1Vuq0tqXdHgfPpvBNFLfo6olmw7cFeHK4z4oQ5l%2Fcv0xB7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
766631875bbba831-SYD
expires
Sat, 28 Oct 2023 12:50:14 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://anotepad.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
494290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9687
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-9b00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYi7on2OoUmE1x3W%2FG57CcpMtnEmgphLRo5p1aHDWMs1FwUEm%2FCbM4arpQDUUI6U7aLPfIJoo3MPGHhAuTFJHhRApj6DqTRhxLFTHEWNE%2FWJ6%2FwKUOeMB6kAFYKT5UqVwGSAqx87"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76663187bc19a831-SYD
expires
Sat, 28 Oct 2023 12:50:14 GMT
site-js
cdn.anotepad.com/bundles/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.anotepad.com/bundles/site-js?v=gvft93-f_EIjqMbaLCGGu05OimEkamlLxMpcKFZJMHk1
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-7.mxp63.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
b22985e70370df24230b8e906631c7fca30d8b251232d20be31b107228fd1903
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 05:46:45 GMT
content-encoding
gzip
via
1.1 fcd8545d1b62265bb65a45721c43e6ac.cloudfront.net (CloudFront)
last-modified
Sat, 01 Oct 2022 05:46:46 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
MXP63-P3
age
3222208
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cache
Hit from cloudfront
cache-control
public
x-amz-cf-id
2nsyt3qnTL1NGC6OFGUOYAcLlfqNIYEAbIhgjScj32bKryfnP-9dBg==
expires
Sun, 01 Oct 2023 05:46:46 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.116.154 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-154.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Mon, 07 Nov 2022 12:50:15 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116325
gtm.js
www.googletagmanager.com/ 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c1b10d4a6e077f317e6ff7e03854087ce4d004cdff1c8ed683d26b951aa3b622
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45939
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Nov 2022 12:50:15 GMT
css2
fonts.googleapis.com/ 		716 B
874 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@700&display=swap
Requested by
Host: cdn.anotepad.com
URL: https://cdn.anotepad.com/bundles/site-css?v=4hu3a1rsFp3t7IDaLit_XEsdHIVqr-K1iQ_z2Iuwybs1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
442a9b031afd1f2ce0f3952d288c522c35ee3f1c924ac0303cff18f139e01bbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 12:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 12:50:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 12:50:15 GMT
icon_language_light.png
cdn.anotepad.com/Images/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/Images/icons/icon_language_light.png
Requested by
Host: cdn.anotepad.com
URL: https://cdn.anotepad.com/bundles/site-css?v=4hu3a1rsFp3t7IDaLit_XEsdHIVqr-K1iQ_z2Iuwybs1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-7.mxp63.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
84d8eb6af559cc3d679dcbbdc021f2bcd43b699edaf99c7443b0e30c1e65e205
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.anotepad.com/bundles/site-css?v=4hu3a1rsFp3t7IDaLit_XEsdHIVqr-K1iQ_z2Iuwybs1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 04:01:44 GMT
via
1.1 fcd8545d1b62265bb65a45721c43e6ac.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 20:59:14 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
MXP63-P3
age
204555
etag
"29b381f288f3d71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
x-cache
Hit from cloudfront
cache-control
max-age=604800
accept-ranges
bytes
content-length
2752
x-amz-cf-id
fQZZYp-2A33cq1YOZb7tfxtvulivDi0BSiGvQnDalfisV01tOvmY4w==
icon_sprites.png
cdn.anotepad.com/Images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/Images/icon_sprites.png?v2
Requested by
Host: cdn.anotepad.com
URL: https://cdn.anotepad.com/bundles/site-css?v=4hu3a1rsFp3t7IDaLit_XEsdHIVqr-K1iQ_z2Iuwybs1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-7.mxp63.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
83082bb4bb6a5e5d829a8b5eed8d7b3f7376cd124713a42d485dde21c26454cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.anotepad.com/bundles/site-css?v=4hu3a1rsFp3t7IDaLit_XEsdHIVqr-K1iQ_z2Iuwybs1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 09:44:54 GMT
via
1.1 fcd8545d1b62265bb65a45721c43e6ac.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 04:34:37 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
MXP63-P3
age
184064
etag
"ad6487573cdd81:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
x-cache
Hit from cloudfront
cache-control
max-age=604800
accept-ranges
bytes
content-length
15608
x-amz-cf-id
IzMoAKWJoPVAgZKCYc9cb5LJVcZn4VVusUV3oNr9uRHZvwuO08D_HA==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://anotepad.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 11:54:50 GMT
x-content-type-options
nosniff
age
521726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 11:54:50 GMT
v2ngb0s69zL1SvMtafNBaiy6oeOUA3KSLu_fpFM-TmuQSm7Twnol_tDSsIQ
curvedhoney.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://curvedhoney.com/v2ngb0s69zL1SvMtafNBaiy6oeOUA3KSLu_fpFM-TmuQSm7Twnol_tDSsIQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/anotepad-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ee02f3067b0e2b082aef93be179c0ca1e2a3204c78a610ca6189174db5ba04f8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 07 Nov 2022 12:50:16 GMT
x-datacenter
gce-us-west1
etag
"2107bc678fdfefbb75449fbbead19a9f79eb2aadd4f2adfdde05003f30932ca7"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-west1-spot-vjtw
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
686128341
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
init
d.pub.network/v2/ 		36 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=2321&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/anotepad-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49309e5aeccd601a6720ba553a17ad61c1f3f740de90ca6c3ab9304867c0ddc8

Request headers

Accept
application/json, text/plain, */*
Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:16 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
cf-ray
766631915e92fb80-AKL
loadcomment
anotepad.com/note/ 		523 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://anotepad.com/note/loadcomment
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.22.3.241 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
anotepad.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c4cbcc68d7a949e09034b1bdf19f4da6d9727b7f0d91bfaa146579d84d027f25
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://anotepad.com/notes/32ay37df
X-Requested-With
XMLHttpRequest
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:15 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
private
content-length
360
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Nov 2022 11:48:15 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3721
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 07 Nov 2022 13:48:15 GMT
js
www.googletagmanager.com/gtag/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6PG3MM86KX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d08b654bbde3895f2aa76475df2a1b8ef409d4402a5ac58ad67adbf7fbd34ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76468
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Nov 2022 12:50:16 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/anotepad-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-81.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 02:17:18 GMT
content-encoding
gzip
via
1.1 cccd1c02ebcc6a46e3ee52075ec059e8.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
37984
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
aLHrw_WdNtJWPR9oQCt8Y_Q7FlxRI2ebByPXiuFQJ0NaaVu_K4Bg6Q==
pubfig.engine.4.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
a.pub.network/core/pubfig/ 		441 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/anotepad-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c1cd3d955799c71f8f85a01290ff02425b3b92340a8f83d46213fd65050183

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
227658
x-guploader-uploadid
ADPycdsaCgbyL6bfvs9swnjQ9WcftIWBJAAqmwoIgdt1NE9VQGzey4igajSrHaR9Sz_D3YmXx4l7AM-FCz4Qz-pAxRY-ZNXAqVRb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 04 Nov 2022 20:12:41 GMT
server
cloudflare
etag
W/"7c33dce329089985204b23b52823a204"
vary
Accept-Encoding
x-goog-generation
1667592761308512
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=CIBmRg==, md5=fDPc4ykImYUgSyO1KCOiBA==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
452087
access-control-allow-origin
*
cf-ray
766631965c93fb88-AKL
expires
Mon, 07 Nov 2022 13:50:16 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
date
Mon, 07 Nov 2022 12:50:17 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
9C19F84C300AB21E
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28725
accept-ranges
bytes
content-length
948
x-amz-id-2
Ra356N8tIoL0n/Q1Pk0o2L06qrqQE5D2z7xBrlWvTT4dvoQSdLidy3QEc6Zsh5SagE6BmbajT6s=
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		114 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
244048e73946a6788e9376e826d4717d50bdaeff7ab1be560fcdaa43f3864163

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 11:50:03 GMT
server
cloudflare
x-amz-request-id
KG2DXF9P2G79RX5H
age
270
etag
W/"f497653768e4dd5a8d9dede9a54d29bd"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7666319a19feee96-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
JLJiwpD33kCXH2ut8J9CEFlCRN+L+2+341vAwHceHdh6UjcLX735+8gnVn6qLooD4fqIaJfdg6g=
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
ecba68e0d565219c117d5b851f2f6d60847655f1502e49aa83eeac8d4e3ede7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27376
x-xss-protection
0
server
sffe
etag
"1386 / 315 of 1000 / last-modified: 1667822841"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Nov 2022 12:50:17 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
876 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Server
104.26.6.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5cb13f54997c6eb4c0a2be63c170b50bc1cae0599f5ba3d3dc710bcd9901d1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 11:58:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3134
etag
W/"ed2e29ea0ef44eaee45e53f958dfa086"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjLHjYbT1SlVquHIl5JHZ%2BD8XGHnA6vsTgpeQdmqgcxUWWLHSLFEgFe3d%2Baimo8hwPj2DyZXBPL5P03jWwqwxd8oXqv0RsZcU0q6RJmr%2FJQPvRQsMx4BUMEQVLqE6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
7666319d5865aafc-SYD

Redirect headers

date
Mon, 07 Nov 2022 12:50:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRBOdnTKuoQpebdgwhnbUNedaSnviNka3ycZfOWCteGxnlIBAVHE488NgnWSVeztucquoo1NmacU4T76u%2Bj7QFheYkRExhVyR%2FxKb5fT1gY9hs%2F2CTQiElEbw%2FrUiRXffnW2h0zHa1XJYOKPS%2BKYCg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
7666319a9f67a94a-SYD
expires
Mon, 07 Nov 2022 13:50:17 GMT
prebid-analytics-7.19.4.js
a.pub.network/core/ 		542 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.19.4.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc0a663389200c5c44fc2389dbcd17ac03a7c8d51e39f8468c590c0a047318c9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
54853
x-guploader-uploadid
ADPycdu8mOhxxTVLbFaSJNHXXIkKYKBBYTSR-CfJ_9WJDzD6D5k0MxxszYL-hwD4kveit5Ttz9HnoLfzO_jjaf4MmJm0OA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Thu, 27 Oct 2022 16:32:08 GMT
server
cloudflare
etag
W/"9ff3981df241fac09663c9b33ed874a8"
vary
Accept-Encoding
x-goog-generation
1666888328115930
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=c2UxXg==, md5=n/OYHfJB+sCWY8mzPth0qA==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31481137
x-goog-stored-content-length
555138
cf-ray
76663198adf7fb88-AKL
expires
Mon, 06 Nov 2023 21:35:54 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1667825417015&ns_c=UTF-8&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&c8=Flight%20ticket%20price%20fr...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1667825417015&ns_c=UTF-8&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&c8=Flight%20ticket%20price%20f...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1667825417015&ns_c=UTF-8&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&c8=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&c9=
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Server
13.33.88.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-81.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:17 GMT
via
1.1 cccd1c02ebcc6a46e3ee52075ec059e8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
zbwJ9g8P66fC7_nv3SLHb8_cQTnMV4JVSO4ISAXZ381nWmvfMPnX-w==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1667825417015&ns_c=UTF-8&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&c8=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&c9=
date
Mon, 07 Nov 2022 12:50:17 GMT
via
1.1 cccd1c02ebcc6a46e3ee52075ec059e8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
8kDChyW__0wxbuhOSGfzrm-pXaMt2vL1OXUBJ6KjVVQsdmAjJ0G8QA==
x-cache
Miss from cloudfront
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: curvedhoney.com
URL: https://curvedhoney.com/v2ngb0s69zL1SvMtafNBaiy6oeOUA3KSLu_fpFM-TmuQSm7Twnol_tDSsIQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-47.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 dcfd78c05ae02ba7df7f221cacf87f22.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
22891935
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
Tfoa1LEH4ZFB8VhCIIerN66WgZxU_eDMbfG7EqbrUHgVmaWXtIWrAQ==
collect
www.google-analytics.com/j/ 		2 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=974140358&t=pageview&_s=1&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&ul=en-us&de=UTF-8&dt=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1942507002&gjid=1857930574&cid=1744394758.1667825417&tid=UA-8870545-1&_gid=1054080811.1667825417&_r=1&gtm=2wgb20NQC99C3&z=1711761069
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6PG3MM86KX&gtm=2oeb20&_p=974140358&cid=1744394758.1667825417&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667825417&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&dt=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PG3MM86KX&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202210271001/ 		209 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202210271001/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65622e9d48714f0fffd17f51dc0bf5bf1ca784c7225a6ec451ffda1307e05b51

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Oct 2022 14:04:01 GMT
server
cloudflare
x-amz-request-id
NH5A62VPNGKT0KDR
age
937168
etag
W/"eef946e938c3f6c3a618e1f4a39b3b7d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7666319c2d0efb90-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6SYlK96amaThAXklwQzkzO/gK5k/U5E+jI0MXjV1BtanRIaHi+0LfBRW0uyJK7fX9Ax9AmBxcx8=
collect
stats.g.doubleclick.net/j/ 		7 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-8870545-1&cid=1744394758.1667825417&jid=1942507002&gjid=1857930574&_gid=1054080811.1667825417&_u=YEBAAEAAAAAAACAAI~&z=70523698
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 07 Nov 2022 12:50:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022110101.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 00:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130882
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 08:35:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Nov 2023 00:47:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		111 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=anotepad.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
a6fa77e3cb4472bc0f034ddf6155c196c0b5574e33877675c60df2aa6750dcb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70
x-xss-protection
0
expires
Mon, 07 Nov 2022 12:50:18 GMT
pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
a.pub.network/core/pubfig/ 		229 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10a5768f359b6049db53f3771864d770b1da81dbbcddb9785a5f31105d9de16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:18 GMT
content-encoding
gzip
cf-cache-status
HIT
age
227661
x-guploader-uploadid
ADPycdtzXSeZl38w5SBZdtj14yGekuJ3-7JkiLocnMH3c7wRu788jT7fevUB28iTyl-dEvyInd0A3JHWh-jqbNvnQKD0gw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 04 Nov 2022 20:12:45 GMT
server
cloudflare
etag
W/"2c7a36a16a399da88908f86a9cd3157a"
vary
Accept-Encoding
x-goog-generation
1667592765266325
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aa7Z/w==, md5=LHo2oWo5naiJCPhqnNMVeg==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
234509
access-control-allow-origin
*
cf-ray
766631a06ad5fb88-AKL
expires
Mon, 07 Nov 2022 13:50:18 GMT
px.gif
ad-delivery.net/ 		43 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
403041
x-guploader-uploadid
ADPycdtFHX0TTT7JUlf345IZI-YuHAtHGOhcuV2iYiEohv2Rz_3_r_owODrakMHFU2MZrKa01A0dhkk_TjrXv-C2Uuss3g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GT5LZbjm68asyv75eaOk7ZigKhIgd4HFMwIo8Kwq4486wTnw4ZUCKaQ2UAqWLd5lCZ7rPVsjXVLOge0Y4GBz6Asgs%2BKf5jss7o3d6ouFVNd1bx5MfYYETyfsUHG0yZk%2FuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
766631a35b21ab01-SYD
expires
Wed, 02 Nov 2022 21:41:50 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 09:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 09:45:27 GMT
px.gif
ad-delivery.net/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6112208344826611
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
403042
x-guploader-uploadid
ADPycdtFHX0TTT7JUlf345IZI-YuHAtHGOhcuV2iYiEohv2Rz_3_r_owODrakMHFU2MZrKa01A0dhkk_TjrXv-C2Uuss3g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vY%2BKwY%2BLPlXg7Gp92FnepwfVxfUA9p3G5xWsh4ijpcUPVQGxyd4n%2FHXxar6s9Q2ZTMXr7WzIvZGH9K2QRKs4HIJEN0vAZ2PJY9hqef7tYqOhCqm7g2jSgt7m4divIoeFHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
766631a4dc70ab01-SYD
expires
Wed, 02 Nov 2022 21:41:50 GMT
v2unchv0e9k6gXCHWu2AUUoGZY1rCTX_yAj2YP9qf1Fr6mOruxyMErKhFeFVPNge5z2XhI3KXr_I
curvedhoney.com/ 		183 B
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://curvedhoney.com/v2unchv0e9k6gXCHWu2AUUoGZY1rCTX_yAj2YP9qf1Fr6mOruxyMErKhFeFVPNge5z2XhI3KXr_I
Requested by
Host: curvedhoney.com
URL: https://curvedhoney.com/v2ngb0s69zL1SvMtafNBaiy6oeOUA3KSLu_fpFM-TmuQSm7Twnol_tDSsIQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
dbac848192e838123fd05c4dafd8a3e350f9d34cbe3794b7feb8d49e3a472702
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 07 Nov 2022 12:50:18 GMT
via
1.1 google
x-buildnumber
686128341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-datacenter
gce-us-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
x-hostname
fen-hoothoot-us-west1-spot-vjtw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 07 Nov 2022 12:50:17 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8870545-1&cid=1744394758.1667825417&jid=1942507002&_u=YEBAAEAAAAAAACAAI~&z=566805654
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8870545-1&cid=1744394758.1667825417&jid=1942507002&_u=YEBAAEAAAAAAACAAI~&z=566805654
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/ 		36 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:18 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
v2sowwHEyUsTIYG7bAc3o_ZSczWFLKXc_-B8xa3YkZ3vxAU4JITH7Xa273ZBJTZsV2PniR1GAc1c
curvedhoney.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://curvedhoney.com/v2sowwHEyUsTIYG7bAc3o_ZSczWFLKXc_-B8xa3YkZ3vxAU4JITH7Xa273ZBJTZsV2PniR1GAc1c
Requested by
Host: curvedhoney.com
URL: https://curvedhoney.com/v2ngb0s69zL1SvMtafNBaiy6oeOUA3KSLu_fpFM-TmuQSm7Twnol_tDSsIQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 07 Nov 2022 12:50:19 GMT
via
1.1 google
x-buildnumber
686128341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
x-hostname
fen-hoothoot-us-west1-spot-vjtw
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 12:50:19 GMT
referrer-policy
no-referrer
floors
api.floors.dev/sgw/v1/ 		0
0
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a33084b0430d0aa46ba1c806d614bab52aa16868d848c6cff2d5c6fff613b8b1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:20 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=bv6Al97OtW&w=5749887104712704&o=5714937848528896&cv=2.1.0&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 12:50:20 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-56846750fb16a611/ 		166 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.116.154 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:20 GMT
content-encoding
gzip
etag
659743217
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=41, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
154
300lo.json
m.addthis.com/live/red_lojson/ 		101 B
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6368ff083be8f533&bkl=0&bl=1&pdt=1087&sid=6368ff083be8f533&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2F32ay37df&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1667825419669&jsl=1&uvs=6368ff08e003811b000&skipb=1&callback=addthis.cbs.jsonp__52828311097062410
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.116.154 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
12fcf527503235e9d6f35287613b1d3e9163c9f662bf56fe8d47f6ba3d0eb840

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:20 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
101
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CA6D 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame FB2E 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.116.154 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-154.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Mon, 07 Nov 2022 12:50:19 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
pbhid
id.hadron.ad.gt/api/v1/ 		132 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.185.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-185-41.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
300352443c8d9c947a3c1ef669ea2e3180f477a6f239542dc98ad5563dfd8ef3

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Mon, 07 Nov 2022 12:50:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8940d185bc7be361a9af531b1b9130f6b4bec98d8f7a38f79d9ed966113b1029

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 07 Dec 2022 12:50:20 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:20 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
integrator.js
adservice.google.co.nz/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		142 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=967245702941916&correlator=3081904858453570&eid=31068458%2C31070683%2C31070742%2C31070232&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=15184186%3A21641952176%2Canotepad_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=950968859&sfv=1-0-39&ists=1&fas=8&prev_scp=fs_ad_product%3DgoogleInterstitial&eri=1&cust_params=user-agent%3DChrome&sc=1&cookie_enabled=1&abxe=1&dt=1667825419995&lmt=1667825419&dlt=1667825413834&idt=5497&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1744394758.1667825417&ga_sid=1667825420&ga_hid=974140358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
f07f8d1127f4f78258897b6248772fd08b78c096b1cb0a167815b4a49c1dd294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42413
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
43e399173b9ddf3830d183bb26779b709322b8dd9ba52ff56fa8226c42d76aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11106
x-xss-protection
0
container.html
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 771D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:50:20 GMT
expires
Tue, 07 Nov 2023 12:50:20 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022110101.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022110101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
7682bcc947ed46991d9f51f30997d4a59e7a9215e5a419a1e354b6300ae735e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 00:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13869
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 08:35:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Nov 2023 00:58:28 GMT
hb
hb.undertone.com/ 		0
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3617&domain=anotepad.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-67.sin52.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:20 GMT
via
1.1 d5f29441dead372cd342d7cb881976ce.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://anotepad.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
20
x-amz-cf-id
fxQbDw1O5FUJ_mnpGyYCWbnlxogjdstVEunAr3fLiA1GEKm3UVt6ag==
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 12:50:21 GMT
pubcid.min.js
id.sharedid.org/lib/ 		732 B
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.23.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-23-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:21 GMT
cache-control
public, max-age=86400
last-modified
Mon, 7 Nov 2022 01:47:01 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:36:29 GMT
content-encoding
gzip
age
843232
x-guploader-uploadid
ADPycdvCQ-VPpUNAopEz4QXo3BL6lzqQoAInvmbogAZV7Voj4huAI_1drBaU06skvx3NDl7To4mFPruASJxz7k1mi5CcZG6Osm_O
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 28 Oct 2023 18:36:29 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
MMA9KCFNZGBP3SDM
age
3305
etag
W/"52bb09fbb0a7c9360d68135b7668a1d7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
766631b2dd04aaef-SYD
x-amz-id-2
bds62K6WO7bclFOPDJQmJQVFDzQ9w9/NYJyfGXICsSYRuWw6XAZA8IEK7W2Wfu8yxa7Jube7m7Y=
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.200.52 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-200-52.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:21 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		769 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=967245702941916&correlator=1454151402568425&eid=31068458%2C31070683%2C31070742%2C31070232&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=15184186%3A21641952176%2Canotepad_page_grabber_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=3255003615&sfv=1-0-39&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dtimeout%26floors_hour%3D12%26floors_user%3D0%26fs_placementName%3Danotepad_page_grabber_interstitial%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&sc=1&cookie=ID%3D39b5baa458c18c00-2230ae1529d80029%3AT%3D1667825420%3AS%3DALNI_MbNA3iZFcau9Qx_8aivbsiWGvS4HQ&gpic=UID%3D00000b772d25a617%3AT%3D1667825420%3ART%3D1667825420%3AS%3DALNI_MYyJwUMnzfsi3gcI5yyRUpCZRLZbw&abxe=1&dt=1667825421049&lmt=1667825421&dlt=1667825413834&idt=5497&adxs=0&adys=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&frm=20&vis=1&psz=1600x2029&msz=1600x0&fws=0&ohw=0&ga_vid=1744394758.1667825417&ga_sid=1667825420&ga_hid=974140358&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY2ZSRkcUwSABSAghkEhQKBW9wZW54GNmUkZHFMEgAUgIIZBIZCgp1aWRhcGkuY29tGNmUkZHFMEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y2ZSRkcUwSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
05252893101c3ec933ceb617e8c9ea6333b520eee5d92e8ab1d5306d9d0259a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
387
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame A64B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:50:20 GMT
expires
Tue, 07 Nov 2023 12:50:20 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&rid=esp&cc=1
0
0
increment
id5-sync.com/api/esp/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Mon, 07 Nov 2022 12:50:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d338942229ff300382b383f3fe0a3e9603511aea04491596f19855d3c5c95f24

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
etag
"OtCg6ZHW+0OUUnygESUOBQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 14 Nov 2022 12:50:24 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_sync
s2s.t13.io/ 		2 KB
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
7e049faa4be15aac6c609c9af83675c89dd1ac32533f288157dc3b6a58ca2c9f

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:21 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
551
expires
0
auction
s2s.t13.io/openrtb2/ 		1017 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
8e9fc5b2cab42ec75725533f43650c99a97d3d721e2fcfaaae999aee9bbc1dde

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
377
expires
0
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Mon, 07 Nov 2022 12:50:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f0170a00&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
23ecb90e3e2d336112f7039913d3b5d7b5f10b75350503568afa89a8a71f4eea

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9698b40175759a19619dee240d0031&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a50e0c1a8c365c6c37ecf497333b3b03ddfcee3978b81100eca6461f75f6f71b

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
cdb
bidder.criteo.com/ 		18 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=58199727383&lsavail=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22254276b6ad36d73%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df%22%2C%22name%22%3A%22anotepad-com%22%2C%22domain%22%3A%22anotepad.com%22%2C%22cat%22%3A%5B%22IAB5%22%5D%2C%22sectioncat%22%3A%5B%22IAB5%22%5D%2C%22pagecat%22%3A%5B%22IAB5%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df%22%2C%22tmax%22%3A1200%2C%22syncsPerBidder%22%3A3%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F15184186%2Fanotepad_adhesion%2Fanotepad_adhesion%22%2C%22adunitcode%22%3A%22anotepad_adhesion%22%2C%22divId%22%3A%22anotepad_adhesion%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222642c5c63e7e546%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fanotepad_adhesion%22%2C%22gpid%22%3A%22%2F15184186%2Fanotepad_adhesion%2Fanotepad_adhesion%22%2C%22tid%22%3A%226e73224d-ccaa-4e10-aac5-c7ca499114bc%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22040e3867-e51c-4ad2-832c-0f1ea4b3131d%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
132ea8bc4c7a458faa8538e9aef2335177a9e263a0647d8f8de3d9b8066234b2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYBtnYlltmD3R3t2nrFJz18pd6RJ9Kl5C6IJmEQt4%2Fb8eM4lGUQ%2FGgRhQ05ghTKibKZDjY6vNGGFHOF41mPbj81cYIVGrYiP9Gz8LBaSA%2FoSurFC89uCFZ5UUp%2Ff2sCCclIDFKTO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://anotepad.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
766631b6be90eea2-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
arj
freestar-d.openx.net/w/1.0/ 		174 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6e73224d-ccaa-4e10-aac5-c7ca499114bc&nocache=1667825421559&audigentid=0001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl&ttduuid=aecd6e24-a5c6-432b-b87d-76314db61f68&pubcid=bd48dedd-b4fa-45d4-a0f6-c38d9c05852d&schain=1.0%2C1!freestar.com%2C1036%2C1%2C%2C%2C&aus=970x90%2C728x90&divids=anotepad_adhesion&aucs=%252F15184186%252Fanotepad_adhesion%252Fanotepad_adhesion&auid=539181725
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
639c95855066c8a809098256e9d8a24825b2b91cdeb043f00d44bac1f30556da

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anotepad.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
hbjson
grid.bidswitch.net/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
71e991c91947feb894c8af47f2b280490f4e0b1333d93fe4ec7d15fff3ad5ba8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:22 GMT
AN-X-Request-Uuid
a7d02c22-2f6c-48f3-8bfe-4a7db2e5f82f
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.19.0&p=%5B%7B%22placement_id%22%3A%22anotepad_adhesion%22%2C%22callback_id%22%3A%223812694158a1af6%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fanotepad_adhesion%2Fanotepad_adhesion%22%2C%22tid%22%3A%226e73224d-ccaa-4e10-aac5-c7ca499114bc%22%2C%22auctionId%22%3A%22040e3867-e51c-4ad2-832c-0f1ea4b3131d%22%7D%5D&page_url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&bust=1667825421564&dnt=false&description=aNotepad.com%20is%20your%20everyday%20online%20notepad.%20You%20can%20take%20notes%20and%20share%20notes%20online%20without%20having%20to%20login.%20You%20can%20use%20a%20rich%20text%20editor%20and%20download%20your%20note%20as%20PDF%20or%20Word%20document.%20Best%20of%20all%20-%20aNotepad%20is%20a%20fast%2C%20clean%2C%20and%20easy-to-use%20notepad%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&w=1600&h=1200&pubcid=bd48dedd-b4fa-45d4-a0f6-c38d9c05852d&tdid=aecd6e24-a5c6-432b-b87d-76314db61f68&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:22 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1667825421565&secure=true&version=9&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&measurable=true&bids[0][bidId]=40eff132ac43a5&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=anotepad_adhesion&bids[0][sizes][0][width]=970&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=728&bids[0][sizes][1][height]=90&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.80.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-80-64.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c56adf2fd448a470f4e93e715fe85dece3468f3071c05ed8692c1a0c83748139

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:22 GMT
x-powered-by
Express
etag
W/"38-JPS1cmdBAHb/6sWp0CJeCK68ik4"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
/
colossusssp.com/ 		2 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.77.87.217 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anotepad.com
Date
Mon, 07 Nov 2022 12:50:22 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
v1
btlr.sharethrough.com/universal/ 		260 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
bd84251842459aec583a2cbebc00328444bb4835fdfccbe46f8b4cb3ae33e065

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
191
trinity.json
apex.go.sonobi.com/ 		95 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22471a0a9c362be5f%22%3A%225e9ece2f430c20b04dd1%7C970x90%2C728x90%7Cgpid%3D%2F15184186%2Fanotepad_adhesion%2Fanotepad_adhesion%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&s=ebf100dd-b72c-496c-aa09-72e9f0bc6e30&pv=3ec970c6-5b84-415e-af31-ec50eab0b5bb&vp=desktop&lib_name=prebid&lib_v=7.19.0&us=3&fpd=%7B%22site%22%3A%7B%22name%22%3A%22anotepad-com%22%2C%22domain%22%3A%22anotepad.com%22%2C%22cat%22%3A%5B%22IAB5%22%5D%2C%22sectioncat%22%3A%5B%22IAB5%22%5D%2C%22pagecat%22%3A%5B%22IAB5%22%5D%2C%22page%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df%22%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22hadronId%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%2C%22tdid%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e99607d3e6c97d4724e598bea4800eab936d1ca0eb7500c57d95617f94273ba7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:22 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-30
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c57a5d09de0dbb1ba5d0bb29f9a000421f6864ce225370baf16d01cfbf72b7bc

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6b85d52272bb7ec2e4a5c5594bc8b1a545d5adba6f1c5f2e4b746c2084929625

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D1FD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
286745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 04 Nov 2022 05:11:17 GMT
expires
Sat, 04 Nov 2023 05:11:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1E47 		783 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
GSE /
Resource Hash
55c2de1085f64f34299ff633e3602a2ec6bab4291dc43a4f8a602deab2a147d7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IxU_QS-ZZu9-SgfMKuG2bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-IxU_QS-ZZu9-SgfMKuG2bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:50:22 GMT
expires
Mon, 07 Nov 2022 12:50:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ Frame A64B 		4 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 11:30:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 12:50:22 GMT
css
fonts.googleapis.com/ Frame FA39 		8 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 11:25:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 12:50:22 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame FA39 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
80191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 14:33:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame FA39 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 14:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
80199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 14:33:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame FA39 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 14:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
80206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 14:33:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame FA39 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 14:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
80206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 14:33:36 GMT
l
www.google.com/ads/measurement/ Frame FA39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKz-xtAMiziqvRhhFKGT4HkqaxPeg318w74BtfPl04X4bkE9KUzZ7bMiIf5-p3O9Y1eTkJ5egsD07crBg4Puw3JdsSTQ
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FA39 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48204
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667489865617883"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 12:50:24 GMT
0d3fd3b530a886383bd6b91513e5ed38.js
www.gstatic.com/mysidia/ Frame FA39 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 13:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 22:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 13:11:01 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame A64B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 17:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
68642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7963
x-xss-protection
0
server
cafe
etag
15183902602499586604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 17:46:20 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A64B 		205 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 01:49:46 GMT
x-content-type-options
nosniff
age
212436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 05 Nov 2023 01:49:46 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A64B 		604 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 01:33:10 GMT
x-content-type-options
nosniff
age
213432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 05 Nov 2023 01:33:10 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
/
onetag-sys.com/usync/ Frame C2A5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
205bd8717c5f2dccecd218321d9b43d38442b058e4ee406ca0aa9cc190a83644
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1411
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame D1FD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 08:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Nov 2023 08:29:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1E47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110101&jk=967245702941916&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame E8CF 		143 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
2554
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:07:48 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
auction
s2s.t13.io/openrtb2/ 		1017 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
8e7365e13e3fc947115dcb143739bb407c8c90a8fcc950e2756f8cf1033ea15b

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
378
expires
0
trinity.json
apex.go.sonobi.com/ 		116 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226951a3a60f4ee9f%22%3A%225e9ece2f430c20b04dd1%7C970x250%2C970x90%2C728x90%2C336x280%2C300x250%7Cgpid%3D%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%2Cc%3Dd%2C%22%2C%2270b7e77022cb8c2%22%3A%225e9ece2f430c20b04dd1%7C970x250%2C970x90%2C728x90%2C336x280%2C300x250%7Cgpid%3D%2F15184186%2Fanotepad_leaderboard_btf%2Fanotepad_leaderboard_btf%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&s=082e5f74-655d-441d-9416-3c94fa9b5de3&pv=3ec970c6-5b84-415e-af31-ec50eab0b5bb&vp=desktop&lib_name=prebid&lib_v=7.19.0&us=3&fpd=%7B%22site%22%3A%7B%22name%22%3A%22anotepad-com%22%2C%22domain%22%3A%22anotepad.com%22%2C%22cat%22%3A%5B%22IAB5%22%5D%2C%22sectioncat%22%3A%5B%22IAB5%22%5D%2C%22pagecat%22%3A%5B%22IAB5%22%5D%2C%22page%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df%22%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%2C%22rid%22%3A%22835cce3d-2a68-4b80-826e-ca86afecd5d1%22%7D%5D%7D&userid=%7B%22hadronId%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%2C%22tdid%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7d4e5ddbeeff214799c4f72929f3e46b96bd0db766ee246353a9bc4029459f1a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:23 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-56
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
141
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7dcbe28cf7fe73b58707b6b1f81d9fa7d3bc3dd37a6f4cd256a5c88a87fafd5

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Nov 2022 12:50:22 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
arj
freestar-d.openx.net/w/1.0/ 		175 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cb22335c-d278-403c-b7b5-2c912893127e%2C870da866-b3cc-4389-897e-9c88200c4ee5&nocache=1667825422656&audigentid=0001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl&ttduuid=aecd6e24-a5c6-432b-b87d-76314db61f68&pubcid=bd48dedd-b4fa-45d4-a0f6-c38d9c05852d&schain=1.0%2C1!freestar.com%2C1036%2C1%2C835cce3d-2a68-4b80-826e-ca86afecd5d1%2C%2C&aus=970x250%2C970x90%2C728x90%2C336x280%2C300x250%7C970x250%2C970x90%2C728x90%2C336x280%2C300x250&divids=anotepad_leaderboard_atf%2Canotepad_leaderboard_btf&aucs=%252F15184186%252Fanotepad_leaderboard_atf%252Fanotepad_leaderboard_atf%2C%252F15184186%252Fanotepad_leaderboard_btf%252Fanotepad_leaderboard_btf&auid=539181725%2C539181725
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6f8676bf3bfc3de9d03230f9abe689eb43da147c6edf739526f98c50f9315356

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anotepad.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f3730a02&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fe7d779bde3fe41e0cf7475ecd80fe7d497371f31b90cbc900657ca48d262670

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f0170a00&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d3e1669711b485803cf11f7b52b0bf81ba26604ea14e266f6cfc6a758fa2f25d

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a969412017474441319470184320795&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7b5a56411c2ffe630e1d471ad9202552551f300c7a840d481a69eb870fae5e4d

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9698b40175759a19619dee240d0031&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
491899a54e4cbe3dc68e02a98dac091406d625c1a7ed140788d7774d9b977749

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f3730a02&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
19f6a5101e396e7c3c44065290afaa0c1d1451aad07d85525ea95111c14419cf

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f0170a00&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
73f22d48c156344b9ce5b2ce74b83e832483968935b0efd5bd3df4e0fa675598

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a969412017474441319470184320795&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
823736c869c5514fd03b3a93b6f7269f7db916894fd8d8a407abd3c3f8d435a3

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9698b40175759a19619dee240d0031&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6959776a32569e23a433062f212859d20286c6268416e2eaf2865b721e3013b6

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2297741ef793932cd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df%22%2C%22name%22%3A%22anotepad-com%22%2C%22domain%22%3A%22anotepad.com%22%2C%22cat%22%3A%5B%22IAB5%22%5D%2C%22sectioncat%22%3A%5B%22IAB5%22%5D%2C%22pagecat%22%3A%5B%22IAB5%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df%22%2C%22tmax%22%3A1200%2C%22syncsPerBidder%22%3A3%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F15184186%2Fanotepad_leaderboard_btf%2Fanotepad_leaderboard_btf%22%2C%22adunitcode%22%3A%22anotepad_leaderboard_btf%22%2C%22divId%22%3A%22anotepad_leaderboard_btf%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229880e9dcdcd8bb1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fanotepad_leaderboard_atf%22%2C%22gpid%22%3A%22%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%22%2C%22tid%22%3A%22cb22335c-d278-403c-b7b5-2c912893127e%22%7D%7D%2C%7B%22id%22%3A%22103d9e6a7933adfc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fanotepad_leaderboard_btf%22%2C%22gpid%22%3A%22%2F15184186%2Fanotepad_leaderboard_btf%2Fanotepad_leaderboard_btf%22%2C%22tid%22%3A%22870da866-b3cc-4389-897e-9c88200c4ee5%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2236014845-350e-467d-958f-d3e2eee61f8e%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%2C%22rid%22%3A%22835cce3d-2a68-4b80-826e-ca86afecd5d1%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85225421ee8cd63e2d4cc4a33f5142f7d87f73eed2642866e01a68e641734308

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BMxO9mJH5YEDg2qmWhyqJQ3%2BCsh2PROD2U6mXEhBKxOYPwm5X7%2By%2BhwE9Nlz8HKr2NFqjrqbod%2B1Ikzh5maIGdkclymyYe8z4K%2F0V9VX7r7H6BTVPOzVoyP9P2yVURNTV3SzlY%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://anotepad.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
766631bcca52ee92-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=43610750852&lsavail=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
/
colossusssp.com/ 		2 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.77.87.217 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anotepad.com
Date
Mon, 07 Nov 2022 12:50:22 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3c26b7d466791298e4d0710cd239d1af926af50f20f140dd66de5dbb96b015d

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c4b3da07d9bd9970f444b2288c34dcde72cbc4278ffae9524c6a19c2f5255c43

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
028d7cd3987974616649498c65086f6e0f06827872182f1030f8f78fd4e496ce

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6982092054422f63675ccddecd3de2b10d28d370daea0978b3945c8a2e7310ac

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6349e42906d89f34f676a25488e843370e7e0297de183bc3f7ca8fd1bae42415

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
052416fc677e49401ffe6d1cb8724a14f2069bafa6f19d1907512c4bcc8c39b7

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
71ada39cdf875fbf8701345113330ce40e3421244842fde2fb7932f1995239ee

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
334e4750fcb60ad4b702751b718cd9150b001c98dea005663c45e829f9639932

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.19.0&p=%5B%7B%22placement_id%22%3A%22anotepad_leaderboard_atf%22%2C%22callback_id%22%3A%22140c6b018740feee%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%22%2C%22tid%22%3A%22cb22335c-d278-403c-b7b5-2c912893127e%22%2C%22auctionId%22%3A%2236014845-350e-467d-958f-d3e2eee61f8e%22%7D%2C%7B%22placement_id%22%3A%22anotepad_leaderboard_btf%22%2C%22callback_id%22%3A%22141dfff89dc997d8%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fanotepad_leaderboard_btf%2Fanotepad_leaderboard_btf%22%2C%22tid%22%3A%22870da866-b3cc-4389-897e-9c88200c4ee5%22%2C%22auctionId%22%3A%2236014845-350e-467d-958f-d3e2eee61f8e%22%7D%5D&page_url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&bust=1667825422668&dnt=false&description=aNotepad.com%20is%20your%20everyday%20online%20notepad.%20You%20can%20take%20notes%20and%20share%20notes%20online%20without%20having%20to%20login.%20You%20can%20use%20a%20rich%20text%20editor%20and%20download%20your%20note%20as%20PDF%20or%20Word%20document.%20Best%20of%20all%20-%20aNotepad%20is%20a%20fast%2C%20clean%2C%20and%20easy-to-use%20notepad%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&w=1600&h=1200&pubcid=bd48dedd-b4fa-45d4-a0f6-c38d9c05852d&tdid=aecd6e24-a5c6-432b-b87d-76314db61f68&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%2C%22rid%22%3A%22ced9088c-bee2-4fb7-aed4-4ac00ab91e32%22%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:22 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1667825422668&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&measurable=true&bids[0][bidId]=143a952db4076fb&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=anotepad_leaderboard_atf&bids[0][sizes][0][width]=970&bids[0][sizes][0][height]=250&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=728&bids[0][sizes][2][height]=90&bids[0][sizes][3][width]=336&bids[0][sizes][3][height]=280&bids[0][sizes][4][width]=300&bids[0][sizes][4][height]=250&bids[1][bidId]=1442c72daa76c2b6&bids[1][config][property]=5c3404d83e048a00261ad27f&bids[1][config][zone]=anotepad_leaderboard_btf&bids[1][sizes][0][width]=970&bids[1][sizes][0][height]=250&bids[1][sizes][1][width]=970&bids[1][sizes][1][height]=90&bids[1][sizes][2][width]=728&bids[1][sizes][2][height]=90&bids[1][sizes][3][width]=336&bids[1][sizes][3][height]=280&bids[1][sizes][4][width]=300&bids[1][sizes][4][height]=250&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.80.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-80-64.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c56adf2fd448a470f4e93e715fe85dece3468f3071c05ed8692c1a0c83748139

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:23 GMT
x-powered-by
Express
etag
W/"38-JPS1cmdBAHb/6sWp0CJeCK68ik4"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		29 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
39f7934cd70665d8b0d270a08c39d99801879ef8ece0d3c94f0b48cb9597ba21
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Nov 2022 12:50:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7e113f2a-77b7-41fb-9705-50dcc110272f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Mon, 07 Nov 2022 12:50:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		646 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
750bf0a9c440cc5b1842544a00d9424bc8d05bc2124836d007042421826c41a6

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
402
v1
btlr.sharethrough.com/universal/ 		521 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0cb3eb7bd6128f24d1e6fd51de62a61a1049d43a62f8e8d283644745df3581a3

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
354
v1
btlr.sharethrough.com/universal/ 		644 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
3e93cdb9deb91dde983b9d33949f1ba15d63e6206cac33222c9ed5db2a57d2c5

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
352
v1
btlr.sharethrough.com/universal/ 		423 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
bd39f6888cce7126d5163d60fe8dcdcdd861f9563c49992d6d08c835349fb56b

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
259
v1
btlr.sharethrough.com/universal/ 		438 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
dfeb455a294c606d60a74ee84ad48cad06e7aaf943c792f9250e4a90ae5ddefc

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
296
v1
btlr.sharethrough.com/universal/ 		568 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ac32938c6db02dbb2a25f17f91f7569896f7d3238c671177ab0f7335d258a536

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
397
v1
btlr.sharethrough.com/universal/ 		333 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7f59045c7c08d7f2c81801abe86b9a628798505db3708578e3969240cb7b702c

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
244
v1
btlr.sharethrough.com/universal/ 		729 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
de051b98a931762f4fdb33f675a5423da6e27a3037bca5d200871422fad549e4

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
417
fastlane.json
fastlane.rubiconproject.com/a/api/ 		598 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2223364&size_id=15&alt_size_ids=2%2C16%2C55%2C57&rp_schain=1.0,1!freestar.com,1036,1,ced9088c-bee2-4fb7-aed4-4ac00ab91e32,,&eid_audigent.com=0001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%5E1&tpid_tdid=aecd6e24-a5c6-432b-b87d-76314db61f68&eid_adserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&rf=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&tg_i.name=anotepad-com&tg_i.domain=anotepad.com&tg_i.cat=IAB5&tg_i.sectioncat=IAB5&tg_i.pagecat=IAB5&tg_i.page=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%3B%2F15184186%2Fanotepad_leaderboard_btf%2Fanotepad_leaderboard_btf&tk_flint=pbjs_lite_v7.19.0&x_source.tid=cb22335c-d278-403c-b7b5-2c912893127e%3B870da866-b3cc-4389-897e-9c88200c4ee5&l_pb_bid_id=16728a7ff6b5b30d%3B1684df6a64f48bb2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%3B%2F15184186%2Fanotepad_leaderboard_btf%2Fanotepad_leaderboard_btf&slots=2&rand=0.11500837615764459
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
627fb1d7694d9869a132649aaf77979f421ef71bb44937972e344eef80fc6d66

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://anotepad.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=040e3867-e51c-4ad2-832c-0f1ea4b3131d&cid=&crid=539363375|539363375&adunit_count=2&dn=anotepad.com&requrl=https://anotepad.com/notes/32ay37df&istop=true&event=client_timeout&value=2&rd=1200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-161.pacnet.net
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:24 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 07 Nov 2022 12:50:24 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=967245702941916&correlator=1454151402568425&eid=31068458%2C31070683%2C31070742%2C31070232&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=15184186%3A21641952176%2Canotepad_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&adks=1723632371&sfv=1-0-39&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dtimeout%26floors_hour%3D12%26floors_user%3D0%26fs_placementName%3Danotepad_adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&sc=1&cookie=ID%3D39b5baa458c18c00%3AT%3D1667825420%3AS%3DALNI_Mb5SB_zKHLPE10idr1M4wz41ieD4w&gpic=UID%3D00000b772d25a617%3AT%3D1667825420%3ART%3D1667825420%3AS%3DALNI_MYyJwUMnzfsi3gcI5yyRUpCZRLZbw&abxe=1&dt=1667825422755&lmt=1667825422&dlt=1667825413834&idt=5497&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1744394758.1667825417&ga_sid=1667825420&ga_hid=974140358&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY6JuRkcUwSABSAghqEhQKBW9wZW54GNmUkZHFMEgAUgIIZBIZCgp1aWRhcGkuY29tGO6dkZHFMEgAUgIIbxIbCgxpZDUtc3luYy5jb20Y1aGRkcUwSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
50686ac2fd26f59c9275f2f099d25641b6bc1cf84316ae96c6643322dffc1401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10181
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Nov 2022 12:50:24 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E8CF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:50:23 GMT
expires
Mon, 07 Nov 2022 12:50:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:50:23 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
onetag-sys.com/match/ Frame C2A5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=fecc6368-ff0f-4500-8782-ef9de7e74b2d&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=fecc6368-ff0f-4500-8782-ef9de7e74b2d&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 07 Nov 2022 12:50:23 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=fecc6368-ff0f-4500-8782-ef9de7e74b2d&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 07 Nov 2022 12:50:22 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C2A5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame C2A5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1447531807871813638
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1447531807871813638
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:23 GMT
AN-X-Request-Uuid
498b29e9-219f-43d2-8529-7a48da93bab4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1447531807871813638
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C2A5 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=O-oRwzYQXGzF4CzjnVUfTZF_ORQ-_KIBP5CDy2Y-4mU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C2A5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhFIkVFQIvHwQxeXD8AhBIpA7_J48gCFk0g
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhFIkVFQIvHwQxeXD8AhBIpA7_J48gCFk0g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhFIkVFQIvHwQxeXD8AhBIpA7_J48gCFk0g
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame C2A5 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:22 GMT
content-length
0
/
onetag-sys.com/match/ Frame C2A5
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCI_-o5sGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Mon, 07 Nov 2022 12:50:24 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame C2A5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=O-oRwzYQXGzF4CzjnVUfTZF_ORQ-_KIBP5CDy2Y-4mU
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=O-oRwzYQXGzF4CzjnVUfTZF_ORQ-_KIBP5CDy2Y-4mU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2TX605BME8J5PB7Y1KSH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=O-oRwzYQXGzF4CzjnVUfTZF_ORQ-_KIBP5CDy2Y-4mU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame C2A5 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-length
0
/
onetag-sys.com/match/ Frame C2A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGcdp1OUF2PEfP25iwoW65M&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGcdp1OUF2PEfP25iwoW65M&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGcdp1OUF2PEfP25iwoW65M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame C2A5 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame C2A5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame C2A5 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 12:50:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
setuid
s2s.t13.io/ Frame C2A5 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=onetag&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=O-oRwzYQXGzF4CzjnVUfTZF_ORQ-_KIBP5CDy2Y-4mU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
generate_204
tpc.googlesyndication.com/ Frame D1FD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9hyfkQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
um
cs.emxdgt.com/ Frame 3E73 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.45.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-45-231.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 07 Nov 2022 12:50:23 GMT
server
awselb/2.0
container.html
126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2F81 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:50:20 GMT
expires
Tue, 07 Nov 2023 12:50:20 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
pixel
googleads.g.doubleclick.net/xbbe/ Frame 014E 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBDml7T5Axj905fUATAB&v=APEucNXwzpAKbTiD3FoX5IrfjsCpmluUhei1ug7hV49Id8oPYiDb1-8ej9hypbKYJqFrNYb5B7OSlJzHzwbxZU2ybE7UOEYKlw
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:50:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2F81 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBoEeO6ckTUL6JAQW8HnRlbYSVDgLbLwiwpFi8osEEMqbJ0cyX6ReGoTMts4d0Wf2H3fqSSYuSWnYtM0Hs3kArDnvMj8m0mN821-97Jfe7m7auoe0wzb8Kwb2JitmnYRiFtl4pJVUId-iyKY3LBevWxqumieoAO5BF8A7XzI5x8JCCUvcVC9xPXvyb7HXMSik8llWL&cry=1&dbm_d=AKAmf-CfPARrBeq90qbxPw_RbeJ_Ua7hE6--Z0use2KYswlyq3u-ESIc8wiNDcgLsVMuHau3CoP932u26SjwWNG4h-xoCKCtMlaOOOsEaloqa9u22I_8eE6zJ52Vp2Sc43_BWUEzpuTT-JtISKa7etRyn7DpyN8unjkvvFMS5uB9yhRd-FOTMhHfQ-mu6PhLQ6X1AvsEEp6g6aTekux15RoqPihh8OlkfOnFKke7EqkRTFX_u4U9wtBbORouXZzrQxW2zKpUAfsovttXUJomnUDNw28YFsZJq5B2bv2S9AGoUiREkNH_D3_F7OjPOtuyZ5sFLC-Bu1yRiVAmW5hImVwbKaAF2pswuV6lOkmqM1VlP_77QUT7QCF8lW1-_pc7uoNDgqynsvZXjOM38fJw8iUet4M1JPxeZUM-F1g16UkMyQ8JmYna_NGSPYgp4L5PUEThOGuXsd8PZp7NMov53AcCVHPuyXU5AZhwGSZoOXhA69RmwCDbMGAUFcY1Y9v9ui6gRYQz8Iz1NDsRL_Mb0QPF24NKEs1akhiH5UnwPXMm0OKnHI-CAP6sgT-LGDELcXVyxh3sp5ztYBq3zJ3F6VIuLt_r3AnClKdZRUGHF1FMF07_zkrW7YdVqIxGbRcdjF69qGGE4aLdeq6QZ_g2DCTLuFMv3vrRJxTYL-QT4HH_4rzdTEMX5CrFHIP8P8SBsQ1xVeEBnhsmaJ7n8KU4X3Wd3-X6GXQQyLyGCWux4nehZiiEXKMDCuvvfYkIN0xkzfpZazxOMii98x0vDv4D7j1wGcP4fAspY_NAfaO51zEEjzUgiqUye35gZabcIlxilrONwhVkOm95G9pnpbMrlotv7vQnRHryJ4sojxFzr-_bbIPC36pAiQN2EzM5U1RQSdmB4nJa2sU2voyqa8l7fxdPLNNiosKnt4JFLsysjXwaB46lhWYgw02jLPOqBaPbMgeYFNwEHvXuRKUN0v3srij7detoYcLqx08PefQy20-VJbDjgObM3jdL9UvYCXr4KIVVm-7zxIIqBv_wWdLYFe_L_k15bjhBXll_s79OzqOrrbaXpkiz43iG7lTAUwxZcyLm0TPVsXKjo1I_Gpg7JWTKickzh3PwqDWBcteaQIT7fypMS7btH-fymTiq068QGRWQO8RZkQ3vb3niZe7Mkro6mw58ifOhX4xlaW7MDGZvu9XencM6GBq33uB3c7oSIxHnRXh4FYhOVmL5OeFDRXO82cjlZhxTiL-MrVXSOEB49tJoO-K8ce0A_8Xq_b87ZLVATkQv9XkSqwjTC9dKlqSuPrmy_G0Aus4GxMp9xD9Fd3uXAOwPoLIGzJ1zCWmXJD98s-OSGBIjbG3nTQ804_uCASHt-jM_1XX1VnpYrMi8LfcjZJNkBloV2ymhFNJSbo3DU4dHRpIdQZMmEmXxdkGCE1EP0pnxrUJQeny0j203DHJXBigKQWUDAapU9lBUYrxtYCEBb4YV4zb0N1j1dSj2Q8tM8IJ3gEbR1z17Tqr3OvS4yRP_j5_qzr4_Z-btcHOR0yuLdbYFCaKMZGmb4QgaajP6cqwavavMKV1WdB89z7_eZ_X77SVbqjMM7KXl1HvQCgbC6Zng6oFueHzBB_8jB2UNfwaUBBDOj6DEjjpykMRD-PbR06DaEpqK12VBPdjgEF0fRONMCqii9mWDvAyydw6Nko9Rk_9L8UEN8gL6ve0_vA-3J5mcJd_kdcMTXgoYiiGookVdO-SMIsQyerKeRy1mmC-0xlD0WOZ-q2XYqQeebKX7HbWdqEOISg6ezqvZykg7byuo7NU3Vl0f8ZrMPjlbqyic1J5ifxoD-7QsKMFvqoGUA12lXKMVfuArYjsut28qu8yzSRCdAAdYPqyjYu82WOZ-QVtGmG_RK5e3gOEAnYUTKyuDboOLg5T2bWWq5IBdm8tLj4u0NqCXRlS44xXz2B_JnQHdV6wMz11gt_9Dx-Sw2TTclf-FMCzBOYs6MnzvPK_EoWVFjsIh3gXplYpDaeRozTs8Z_p0K-P36KKF2VtAq1zxAzYTk3QYeLsWjldpiptg8TcihQmbg1f0QPpf22KSZ5xfQDJkCgodHnapC57NmBHaKpa9MdZaw88vFw960jwFDl0qmkYWVipe4mtwe0YfeKZoraxiwsOyVYEHESknv_BIPefl96A-1T_CORbM0YM2_HU6iAQaxolcVQC28CRInyQx5r_q9Sj7Yy2VmvPEXH2rleZ5inrNB3f4MHqzovVEc2s3zDEoGUQTvjiWghPpKS--Dn4Gpg3COw8LOzsMWkhr263_VgB1OsaIu_A1ukJNeeoCM8XKL4jS7D-sXBgeon0ocvpaR4Ry3HFISItkQcvMy9IBQ91wQ9BE8NPfAtsQViWX9KmRFjha6Yd1TY6KCV3SnLaZo_0TeMxOExNRwGLrN6EZ7EfakRq3Ze2qJmKq2-_ZoOKs5UlwdYGSJwQXIfMSQShxBjeSYAJYVGAD7reGBoKnwsAcaAGLpUQqXmAZ6kRnhndYG1BLBuokm_S2Mb1qPkFfpnndT0Vx205XJqwbxmPpp2pk90dxvDKNn9Zu0ax20JH4x1XcE0J39RSOv-vKqirqxSV0VCy7vNETGig48jVbPkF5sixfV2mhagXZ8n1mz0l-fnP-31hcLrVwiG5GdG6jt8hjimrWJSDPmcvefCQD2Y4V1TJAVB0_e5CMxOKARNrt2NRzhl9dI5L6gFA57We9Rd09opfQZeN3EK1JMqETVxjbMbP3_5TdhAH_DtVqu5-EyVbox58zzkVKK7n30LrjeXdRMddAWfZaseMer98_8ARP0DXRa-GfGz-SWCR5P_7XUbs41Hvx7nPAuU1KiURjCPj2k0CovDw1UulK63c52lbtBCMHQumqxuuRVecolUVoDiDN-PLCXkkO7wp9RsoR-vTQmXvePPBiCQRSQthbB0zxtw_u-n_6vc7iu2f-vDPbylY0eRnvrk0FfFYegslXffcWA-2Z-1Q_99kBcyWruqanN1xiFBtr7oyDn8MxVHYKPn9XOBvN94-5pUXoJqrNTzyMl4IGGN_ohC4yRw0-eYCPUhhkxMio_D3PExD5rxCMlwoZj4qZM2JpbYbsPs1RY2OxP6EugAgIiZw8HNTxxXQVEqoz_dzD_Lw0iC1YWR42nbOPvfWaxccTv0eCHFX0UHP5HDDKCnDqZRzWZPO20I8VeyQlDsVDJf3ExJsIfLhbbzPBw184uxYzarkGMlaipT3dhrlbQHfMKWWlzsw_nBdXdN_Y_x8kFaKYzu3DSUIvCU7b8Z-2l8elBaHorVSDCLZ0zK-ZcK32vKa7-1tJKPXjrzeMgki98XmX2-E37Pi1ADCRNkI-bDAKt-uvUhGZUCvy-JNqXRgUyjfe0ALgy6OzyHWVkt-UQwNxAVivoWTZfj1c4kf_F8Au5MmBHCYhq1cwslWea89Dw3cu_5u3soiN-BXCX18QazIZ&cid=CAQSOwDq26N9jnVh0K0RzDFri3phks2npsPOcRYFFRb7m6_XCGsRq9JUOE5vNfW95syPKnz0TqtRJazxd9L6GAEgDg&rfl=1%2Chttps%253A%252F%252Fanotepad.com%252F%240
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
8424b4bf4e834f2a02cb806736c6f233efe100be5debe5d40200932e2b5d4dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34407
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F81 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D05AxPQYjjjeUV03Q0EgtTSCPPeKCC57T5rPdUDlwTJohl8hVhBKxvLAHnIlOH3Ke49ABQ017CACZQGyCkSSQLbm_Ki9ltQAYAfiRuv2X2gAUUxQI
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2F81 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 14:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
80207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 14:33:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2F81 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 14:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
80207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 14:33:36 GMT
l
www.google.com/ads/measurement/ Frame 2F81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_WyRR7ojKzhnRcgTIKxQeW70kx3tr-eAadIJbL3ZbnO9FTADaAKuLxtEz6qJH-T3rocGR0sq18hjHlsB8qgEgQORHUw
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F81 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48204
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667489865617883"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 12:50:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110101&jk=967245702941916&bg=!MjGlMXXNAAZPh4lnb4c7ACkAdvg8Wgn6E_CQjaBAZxz_2DXX_g1LhsLxS3tl1R6LfY3ljKXyK80NGgIAAAB8UgAAAARoAQcKAEcIZiwE0aAYlsfInBxdytDNl1qdTQCQ92ickXG-HnNV8umbWTNch8BozAQrQSlMzY1SeXOgafARp2jbbo-OqKEiKS4-AJHAHZkClsFTsuwc80EYW1mUrRggqkOGnpAMZnVE-00Be7b1PRk32dIsgqCuAH_VdfI9Qthn8PHQD0fmGSdpNimwqJlbE63k3nR_AWYcClAOvYW5jzOhcg58SebTFyWFxh8QtfINByTnfTWkzHstfjOCiVKZ2E7K80yC24DozzlmN6frTT1x4sv4y5Ec6RJIMwvehIuZS92FC0C1b2VLWs-rGU816QgIDl48VmILDz_34xeqkUNLwkP0-rQ1BJX7yCmhfqH4HnDVnN5zkANev8AD8ovzx3K2vHo0qKCWhoGamcHktXV3jIjZzzOY1Q2hAa-KpWoN6GW3Awj9z3D-I7GwIq-yEnWGLOP80s7ByvVpYLQOvrRQayQi4ToL7y5vssL-jXF6TeXgdStQoWlqqySj9kRrUh_teg35qszu9HGG4j4do78_A0W_PeGjvYCrQlOOejC1uvAxw-IwHaeNjYaHhZL6nI05G2h8s6ZpwBaRAGa3FuvEAnBQkwQ3afLtByN4GAu2kyQ3t6_XhSzFQO3kxvCjOGqZX21lUvntK63FsFFNohQA9OJTx-HL2PM8Tiw_ATpNEnnPA38lJSevhujyaN3Wn9oRaiFV697y_Szu5mj2Zmo2U6uQzw8I4Hk1aM8TFzv3R5u29WCKDA9ppMAuchINMEdHIYaudgXs9yPxcecIdbDKjg6XleSkeJ-Z_e7-nX4BRnlk1FM-kzlZ3x2U7uNQWDFAYMghnQUdeycQSzfOzDT-zJF7g_tmqgh9Sfa004HgphR1n4LnZNCWYMMXJz1myjmiOL0JD_K4ur00meaIkX78Ih4S3gB5-ALoBawhjnY8tUf8NKwZ03lTNJeQjKFlcu1NmzkPjME5K86n0fVvrxK_rg1y4j1R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=967245702941916&vrg=2022110101&nw_id=15184186%5C%2C21641952176&nslots=5&eid=31068458%2C31070683%2C31070742%2C31070232&pub_url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&sig=0&req=0&req_cnt=4&dm=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=967245702941916&correlator=1454151402568425&eid=31068458%2C31070683%2C31070742%2C31070232&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=15184186%3A21641952176%2Canotepad_leaderboard_atf%2Canotepad_leaderboard_btf&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C970x90%7C300x250%7C970x250%7C336x280%2C728x90%7C970x90%7C300x250%7C970x250%7C336x280&ifi=4&adks=610960399%2C677789411&sfv=1-0-39&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dtimeout%26floors_hour%3D12%26floors_user%3D0%26fs_placementName%3Danotepad_leaderboard_atf%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26auctionId%3D36014845-350e-467d-958f-d3e2eee61f8e%26freestar_path%3D%252Fnotes%252F32ay37df%26freestar_domain%3Danotepad.com%26custom_bidder_size%3Dappnexus_970x90%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.21%26hb_adid%3D170a6f56d21963c3%26hb_bidder%3Dappnexus%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dtimeout%26floors_hour%3D12%26floors_user%3D0%26fs_placementName%3Danotepad_leaderboard_btf%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26auctionId%3D36014845-350e-467d-958f-d3e2eee61f8e%26freestar_path%3D%252Fnotes%252F32ay37df%26freestar_domain%3Danotepad.com%26custom_bidder_size%3Dappnexus_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.23%26hb_adid%3D171d61694d3acafc%26hb_bidder%3Dappnexus&eri=1&cust_params=user-agent%3DChrome&sc=1&cookie=ID%3D39b5baa458c18c00%3AT%3D1667825420%3AS%3DALNI_Mb5SB_zKHLPE10idr1M4wz41ieD4w&gpic=UID%3D00000b772d25a617%3AT%3D1667825420%3ART%3D1667825420%3AS%3DALNI_MYyJwUMnzfsi3gcI5yyRUpCZRLZbw&abxe=1&dt=1667825423627&lmt=1667825423&dlt=1667825413834&idt=5497&adxs=436%2C436&adys=339%2C1272&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2&ucis=4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&frm=20&vis=1&psz=1115x280%7C1115x280&msz=1115x-1%7C1115x-1&fws=4%2C4&ohw=1115%2C1115&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1744394758.1667825417&ga_sid=1667825420&ga_hid=974140358&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY6JuRkcUwSABSAghqEhQKBW9wZW54GNmUkZHFMEgAUgIIZBIZCgp1aWRhcGkuY29tGO6dkZHFMEgAUgIIbxIbCgxpZDUtc3luYy5jb20Y1aGRkcUwSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
6a01cc8046306e9d3b8a28525bbfc6b6f7d595ea2c3fa34acf2568fb0b7a5487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
google-lineitem-id
-2,5335159859
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138307543354
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 014E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBDml7T5Axj905fUATAB&v=APEucNXwzpAKbTiD3FoX5IrfjsCpmluUhei1ug7hV49Id8oPYiDb1-8ej9hypbKYJqFrNYb5B7OSlJzHzwbxZU2ybE7UOEYKlw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 014E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2j-ELQHPsPZv3bjUYpljgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBDml7T5Axj905fUATAB&v=APEucNXwzpAKbTiD3FoX5IrfjsCpmluUhei1ug7hV49Id8oPYiDb1-8ej9hypbKYJqFrNYb5B7OSlJzHzwbxZU2ybE7UOEYKlw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 014E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECeXAXz8Yj0kXQwAAaBwdcs&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECeXAXz8Yj0kXQwAAaBwdcs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBDml7T5Axj905fUATAB&v=APEucNXwzpAKbTiD3FoX5IrfjsCpmluUhei1ug7hV49Id8oPYiDb1-8ej9hypbKYJqFrNYb5B7OSlJzHzwbxZU2ybE7UOEYKlw
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:24 GMT
AN-X-Request-Uuid
6c16ae36-0b0b-4a75-b846-22500298bf15
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECeXAXz8Yj0kXQwAAaBwdcs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 014E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ0NzUzMTgwNzg3MTgxMzYzOA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ0NzUzMTgwNzg3MTgxMzYzOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBDml7T5Axj905fUATAB&v=APEucNXwzpAKbTiD3FoX5IrfjsCpmluUhei1ug7hV49Id8oPYiDb1-8ej9hypbKYJqFrNYb5B7OSlJzHzwbxZU2ybE7UOEYKlw
Protocol
H2
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:23 GMT
AN-X-Request-Uuid
8ebb7522-3de0-4905-b6d7-9286ff89541f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ0NzUzMTgwNzg3MTgxMzYzOA%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2F81 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
Origin
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:39:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 2F81 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBoEeO6ckTUL6JAQW8HnRlbYSVDgLbLwiwpFi8osEEMqbJ0cyX6ReGoTMts4d0Wf2H3fqSSYuSWnYtM0Hs3kArDnvMj8m0mN821-97Jfe7m7auoe0wzb8Kwb2JitmnYRiFtl4pJVUId-iyKY3LBevWxqumieoAO5BF8A7XzI5x8JCCUvcVC9xPXvyb7HXMSik8llWL&cry=1&dbm_d=AKAmf-CfPARrBeq90qbxPw_RbeJ_Ua7hE6--Z0use2KYswlyq3u-ESIc8wiNDcgLsVMuHau3CoP932u26SjwWNG4h-xoCKCtMlaOOOsEaloqa9u22I_8eE6zJ52Vp2Sc43_BWUEzpuTT-JtISKa7etRyn7DpyN8unjkvvFMS5uB9yhRd-FOTMhHfQ-mu6PhLQ6X1AvsEEp6g6aTekux15RoqPihh8OlkfOnFKke7EqkRTFX_u4U9wtBbORouXZzrQxW2zKpUAfsovttXUJomnUDNw28YFsZJq5B2bv2S9AGoUiREkNH_D3_F7OjPOtuyZ5sFLC-Bu1yRiVAmW5hImVwbKaAF2pswuV6lOkmqM1VlP_77QUT7QCF8lW1-_pc7uoNDgqynsvZXjOM38fJw8iUet4M1JPxeZUM-F1g16UkMyQ8JmYna_NGSPYgp4L5PUEThOGuXsd8PZp7NMov53AcCVHPuyXU5AZhwGSZoOXhA69RmwCDbMGAUFcY1Y9v9ui6gRYQz8Iz1NDsRL_Mb0QPF24NKEs1akhiH5UnwPXMm0OKnHI-CAP6sgT-LGDELcXVyxh3sp5ztYBq3zJ3F6VIuLt_r3AnClKdZRUGHF1FMF07_zkrW7YdVqIxGbRcdjF69qGGE4aLdeq6QZ_g2DCTLuFMv3vrRJxTYL-QT4HH_4rzdTEMX5CrFHIP8P8SBsQ1xVeEBnhsmaJ7n8KU4X3Wd3-X6GXQQyLyGCWux4nehZiiEXKMDCuvvfYkIN0xkzfpZazxOMii98x0vDv4D7j1wGcP4fAspY_NAfaO51zEEjzUgiqUye35gZabcIlxilrONwhVkOm95G9pnpbMrlotv7vQnRHryJ4sojxFzr-_bbIPC36pAiQN2EzM5U1RQSdmB4nJa2sU2voyqa8l7fxdPLNNiosKnt4JFLsysjXwaB46lhWYgw02jLPOqBaPbMgeYFNwEHvXuRKUN0v3srij7detoYcLqx08PefQy20-VJbDjgObM3jdL9UvYCXr4KIVVm-7zxIIqBv_wWdLYFe_L_k15bjhBXll_s79OzqOrrbaXpkiz43iG7lTAUwxZcyLm0TPVsXKjo1I_Gpg7JWTKickzh3PwqDWBcteaQIT7fypMS7btH-fymTiq068QGRWQO8RZkQ3vb3niZe7Mkro6mw58ifOhX4xlaW7MDGZvu9XencM6GBq33uB3c7oSIxHnRXh4FYhOVmL5OeFDRXO82cjlZhxTiL-MrVXSOEB49tJoO-K8ce0A_8Xq_b87ZLVATkQv9XkSqwjTC9dKlqSuPrmy_G0Aus4GxMp9xD9Fd3uXAOwPoLIGzJ1zCWmXJD98s-OSGBIjbG3nTQ804_uCASHt-jM_1XX1VnpYrMi8LfcjZJNkBloV2ymhFNJSbo3DU4dHRpIdQZMmEmXxdkGCE1EP0pnxrUJQeny0j203DHJXBigKQWUDAapU9lBUYrxtYCEBb4YV4zb0N1j1dSj2Q8tM8IJ3gEbR1z17Tqr3OvS4yRP_j5_qzr4_Z-btcHOR0yuLdbYFCaKMZGmb4QgaajP6cqwavavMKV1WdB89z7_eZ_X77SVbqjMM7KXl1HvQCgbC6Zng6oFueHzBB_8jB2UNfwaUBBDOj6DEjjpykMRD-PbR06DaEpqK12VBPdjgEF0fRONMCqii9mWDvAyydw6Nko9Rk_9L8UEN8gL6ve0_vA-3J5mcJd_kdcMTXgoYiiGookVdO-SMIsQyerKeRy1mmC-0xlD0WOZ-q2XYqQeebKX7HbWdqEOISg6ezqvZykg7byuo7NU3Vl0f8ZrMPjlbqyic1J5ifxoD-7QsKMFvqoGUA12lXKMVfuArYjsut28qu8yzSRCdAAdYPqyjYu82WOZ-QVtGmG_RK5e3gOEAnYUTKyuDboOLg5T2bWWq5IBdm8tLj4u0NqCXRlS44xXz2B_JnQHdV6wMz11gt_9Dx-Sw2TTclf-FMCzBOYs6MnzvPK_EoWVFjsIh3gXplYpDaeRozTs8Z_p0K-P36KKF2VtAq1zxAzYTk3QYeLsWjldpiptg8TcihQmbg1f0QPpf22KSZ5xfQDJkCgodHnapC57NmBHaKpa9MdZaw88vFw960jwFDl0qmkYWVipe4mtwe0YfeKZoraxiwsOyVYEHESknv_BIPefl96A-1T_CORbM0YM2_HU6iAQaxolcVQC28CRInyQx5r_q9Sj7Yy2VmvPEXH2rleZ5inrNB3f4MHqzovVEc2s3zDEoGUQTvjiWghPpKS--Dn4Gpg3COw8LOzsMWkhr263_VgB1OsaIu_A1ukJNeeoCM8XKL4jS7D-sXBgeon0ocvpaR4Ry3HFISItkQcvMy9IBQ91wQ9BE8NPfAtsQViWX9KmRFjha6Yd1TY6KCV3SnLaZo_0TeMxOExNRwGLrN6EZ7EfakRq3Ze2qJmKq2-_ZoOKs5UlwdYGSJwQXIfMSQShxBjeSYAJYVGAD7reGBoKnwsAcaAGLpUQqXmAZ6kRnhndYG1BLBuokm_S2Mb1qPkFfpnndT0Vx205XJqwbxmPpp2pk90dxvDKNn9Zu0ax20JH4x1XcE0J39RSOv-vKqirqxSV0VCy7vNETGig48jVbPkF5sixfV2mhagXZ8n1mz0l-fnP-31hcLrVwiG5GdG6jt8hjimrWJSDPmcvefCQD2Y4V1TJAVB0_e5CMxOKARNrt2NRzhl9dI5L6gFA57We9Rd09opfQZeN3EK1JMqETVxjbMbP3_5TdhAH_DtVqu5-EyVbox58zzkVKK7n30LrjeXdRMddAWfZaseMer98_8ARP0DXRa-GfGz-SWCR5P_7XUbs41Hvx7nPAuU1KiURjCPj2k0CovDw1UulK63c52lbtBCMHQumqxuuRVecolUVoDiDN-PLCXkkO7wp9RsoR-vTQmXvePPBiCQRSQthbB0zxtw_u-n_6vc7iu2f-vDPbylY0eRnvrk0FfFYegslXffcWA-2Z-1Q_99kBcyWruqanN1xiFBtr7oyDn8MxVHYKPn9XOBvN94-5pUXoJqrNTzyMl4IGGN_ohC4yRw0-eYCPUhhkxMio_D3PExD5rxCMlwoZj4qZM2JpbYbsPs1RY2OxP6EugAgIiZw8HNTxxXQVEqoz_dzD_Lw0iC1YWR42nbOPvfWaxccTv0eCHFX0UHP5HDDKCnDqZRzWZPO20I8VeyQlDsVDJf3ExJsIfLhbbzPBw184uxYzarkGMlaipT3dhrlbQHfMKWWlzsw_nBdXdN_Y_x8kFaKYzu3DSUIvCU7b8Z-2l8elBaHorVSDCLZ0zK-ZcK32vKa7-1tJKPXjrzeMgki98XmX2-E37Pi1ADCRNkI-bDAKt-uvUhGZUCvy-JNqXRgUyjfe0ALgy6OzyHWVkt-UQwNxAVivoWTZfj1c4kf_F8Au5MmBHCYhq1cwslWea89Dw3cu_5u3soiN-BXCX18QazIZ&cid=CAQSOwDq26N9jnVh0K0RzDFri3phks2npsPOcRYFFRb7m6_XCGsRq9JUOE5vNfW95syPKnz0TqtRJazxd9L6GAEgDg&rfl=1%2Chttps%253A%252F%252Fanotepad.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2990
x-xss-protection
0
server
cafe
etag
2274832811029412562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 12:46:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 2F81 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBoEeO6ckTUL6JAQW8HnRlbYSVDgLbLwiwpFi8osEEMqbJ0cyX6ReGoTMts4d0Wf2H3fqSSYuSWnYtM0Hs3kArDnvMj8m0mN821-97Jfe7m7auoe0wzb8Kwb2JitmnYRiFtl4pJVUId-iyKY3LBevWxqumieoAO5BF8A7XzI5x8JCCUvcVC9xPXvyb7HXMSik8llWL&cry=1&dbm_d=AKAmf-CfPARrBeq90qbxPw_RbeJ_Ua7hE6--Z0use2KYswlyq3u-ESIc8wiNDcgLsVMuHau3CoP932u26SjwWNG4h-xoCKCtMlaOOOsEaloqa9u22I_8eE6zJ52Vp2Sc43_BWUEzpuTT-JtISKa7etRyn7DpyN8unjkvvFMS5uB9yhRd-FOTMhHfQ-mu6PhLQ6X1AvsEEp6g6aTekux15RoqPihh8OlkfOnFKke7EqkRTFX_u4U9wtBbORouXZzrQxW2zKpUAfsovttXUJomnUDNw28YFsZJq5B2bv2S9AGoUiREkNH_D3_F7OjPOtuyZ5sFLC-Bu1yRiVAmW5hImVwbKaAF2pswuV6lOkmqM1VlP_77QUT7QCF8lW1-_pc7uoNDgqynsvZXjOM38fJw8iUet4M1JPxeZUM-F1g16UkMyQ8JmYna_NGSPYgp4L5PUEThOGuXsd8PZp7NMov53AcCVHPuyXU5AZhwGSZoOXhA69RmwCDbMGAUFcY1Y9v9ui6gRYQz8Iz1NDsRL_Mb0QPF24NKEs1akhiH5UnwPXMm0OKnHI-CAP6sgT-LGDELcXVyxh3sp5ztYBq3zJ3F6VIuLt_r3AnClKdZRUGHF1FMF07_zkrW7YdVqIxGbRcdjF69qGGE4aLdeq6QZ_g2DCTLuFMv3vrRJxTYL-QT4HH_4rzdTEMX5CrFHIP8P8SBsQ1xVeEBnhsmaJ7n8KU4X3Wd3-X6GXQQyLyGCWux4nehZiiEXKMDCuvvfYkIN0xkzfpZazxOMii98x0vDv4D7j1wGcP4fAspY_NAfaO51zEEjzUgiqUye35gZabcIlxilrONwhVkOm95G9pnpbMrlotv7vQnRHryJ4sojxFzr-_bbIPC36pAiQN2EzM5U1RQSdmB4nJa2sU2voyqa8l7fxdPLNNiosKnt4JFLsysjXwaB46lhWYgw02jLPOqBaPbMgeYFNwEHvXuRKUN0v3srij7detoYcLqx08PefQy20-VJbDjgObM3jdL9UvYCXr4KIVVm-7zxIIqBv_wWdLYFe_L_k15bjhBXll_s79OzqOrrbaXpkiz43iG7lTAUwxZcyLm0TPVsXKjo1I_Gpg7JWTKickzh3PwqDWBcteaQIT7fypMS7btH-fymTiq068QGRWQO8RZkQ3vb3niZe7Mkro6mw58ifOhX4xlaW7MDGZvu9XencM6GBq33uB3c7oSIxHnRXh4FYhOVmL5OeFDRXO82cjlZhxTiL-MrVXSOEB49tJoO-K8ce0A_8Xq_b87ZLVATkQv9XkSqwjTC9dKlqSuPrmy_G0Aus4GxMp9xD9Fd3uXAOwPoLIGzJ1zCWmXJD98s-OSGBIjbG3nTQ804_uCASHt-jM_1XX1VnpYrMi8LfcjZJNkBloV2ymhFNJSbo3DU4dHRpIdQZMmEmXxdkGCE1EP0pnxrUJQeny0j203DHJXBigKQWUDAapU9lBUYrxtYCEBb4YV4zb0N1j1dSj2Q8tM8IJ3gEbR1z17Tqr3OvS4yRP_j5_qzr4_Z-btcHOR0yuLdbYFCaKMZGmb4QgaajP6cqwavavMKV1WdB89z7_eZ_X77SVbqjMM7KXl1HvQCgbC6Zng6oFueHzBB_8jB2UNfwaUBBDOj6DEjjpykMRD-PbR06DaEpqK12VBPdjgEF0fRONMCqii9mWDvAyydw6Nko9Rk_9L8UEN8gL6ve0_vA-3J5mcJd_kdcMTXgoYiiGookVdO-SMIsQyerKeRy1mmC-0xlD0WOZ-q2XYqQeebKX7HbWdqEOISg6ezqvZykg7byuo7NU3Vl0f8ZrMPjlbqyic1J5ifxoD-7QsKMFvqoGUA12lXKMVfuArYjsut28qu8yzSRCdAAdYPqyjYu82WOZ-QVtGmG_RK5e3gOEAnYUTKyuDboOLg5T2bWWq5IBdm8tLj4u0NqCXRlS44xXz2B_JnQHdV6wMz11gt_9Dx-Sw2TTclf-FMCzBOYs6MnzvPK_EoWVFjsIh3gXplYpDaeRozTs8Z_p0K-P36KKF2VtAq1zxAzYTk3QYeLsWjldpiptg8TcihQmbg1f0QPpf22KSZ5xfQDJkCgodHnapC57NmBHaKpa9MdZaw88vFw960jwFDl0qmkYWVipe4mtwe0YfeKZoraxiwsOyVYEHESknv_BIPefl96A-1T_CORbM0YM2_HU6iAQaxolcVQC28CRInyQx5r_q9Sj7Yy2VmvPEXH2rleZ5inrNB3f4MHqzovVEc2s3zDEoGUQTvjiWghPpKS--Dn4Gpg3COw8LOzsMWkhr263_VgB1OsaIu_A1ukJNeeoCM8XKL4jS7D-sXBgeon0ocvpaR4Ry3HFISItkQcvMy9IBQ91wQ9BE8NPfAtsQViWX9KmRFjha6Yd1TY6KCV3SnLaZo_0TeMxOExNRwGLrN6EZ7EfakRq3Ze2qJmKq2-_ZoOKs5UlwdYGSJwQXIfMSQShxBjeSYAJYVGAD7reGBoKnwsAcaAGLpUQqXmAZ6kRnhndYG1BLBuokm_S2Mb1qPkFfpnndT0Vx205XJqwbxmPpp2pk90dxvDKNn9Zu0ax20JH4x1XcE0J39RSOv-vKqirqxSV0VCy7vNETGig48jVbPkF5sixfV2mhagXZ8n1mz0l-fnP-31hcLrVwiG5GdG6jt8hjimrWJSDPmcvefCQD2Y4V1TJAVB0_e5CMxOKARNrt2NRzhl9dI5L6gFA57We9Rd09opfQZeN3EK1JMqETVxjbMbP3_5TdhAH_DtVqu5-EyVbox58zzkVKK7n30LrjeXdRMddAWfZaseMer98_8ARP0DXRa-GfGz-SWCR5P_7XUbs41Hvx7nPAuU1KiURjCPj2k0CovDw1UulK63c52lbtBCMHQumqxuuRVecolUVoDiDN-PLCXkkO7wp9RsoR-vTQmXvePPBiCQRSQthbB0zxtw_u-n_6vc7iu2f-vDPbylY0eRnvrk0FfFYegslXffcWA-2Z-1Q_99kBcyWruqanN1xiFBtr7oyDn8MxVHYKPn9XOBvN94-5pUXoJqrNTzyMl4IGGN_ohC4yRw0-eYCPUhhkxMio_D3PExD5rxCMlwoZj4qZM2JpbYbsPs1RY2OxP6EugAgIiZw8HNTxxXQVEqoz_dzD_Lw0iC1YWR42nbOPvfWaxccTv0eCHFX0UHP5HDDKCnDqZRzWZPO20I8VeyQlDsVDJf3ExJsIfLhbbzPBw184uxYzarkGMlaipT3dhrlbQHfMKWWlzsw_nBdXdN_Y_x8kFaKYzu3DSUIvCU7b8Z-2l8elBaHorVSDCLZ0zK-ZcK32vKa7-1tJKPXjrzeMgki98XmX2-E37Pi1ADCRNkI-bDAKt-uvUhGZUCvy-JNqXRgUyjfe0ALgy6OzyHWVkt-UQwNxAVivoWTZfj1c4kf_F8Au5MmBHCYhq1cwslWea89Dw3cu_5u3soiN-BXCX18QazIZ&cid=CAQSOwDq26N9jnVh0K0RzDFri3phks2npsPOcRYFFRb7m6_XCGsRq9JUOE5vNfW95syPKnz0TqtRJazxd9L6GAEgDg&rfl=1%2Chttps%253A%252F%252Fanotepad.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11484
x-xss-protection
0
server
cafe
etag
16485072225624805710
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 12:46:56 GMT
iframe
mantodea.mantisadnetwork.com/prebid/ Frame F080 		257 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825422608&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.80.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-80-64.compute-1.amazonaws.com
Software
/ Express
Resource Hash
dd529a89ac4b7c0a162934abb5dda7432d8cb15f0c2bd59e9976d987231ecfd1

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
content-length
257
content-type
text/html; charset=utf-8
date
Mon, 07 Nov 2022 12:50:24 GMT
etag
W/"101-Hu0B1c4EgfholRLGQZef+1gCeik"
expires
-1
pragma
no-cache
vary
Origin
x-powered-by
Express
check.html
biddr.brealtime.com/ Frame A19C 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Age
5056
CF-Cache-Status
HIT
CF-RAY
766631c6a95ba7f9-SYD
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 07 Nov 2022 12:50:24 GMT
Expires
Mon, 07 Nov 2022 13:50:24 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
hBny3dQwaxMa+1fmn2Nt1DfKF2TuuuXz8OD+IoRvfliNxdVlPrJgtFyxzdha/jjgg6QvCqFJOTM=
x-amz-request-id
XGQ25FMVZ911KT7H
check.html
biddr.brealtime.com/ Frame 87F4 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Age
5669
CF-Cache-Status
HIT
CF-RAY
766631c6a930dfb5-SYD
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 07 Nov 2022 12:50:24 GMT
Expires
Mon, 07 Nov 2022 13:50:24 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
XqOHuLIkNSYu7C5jCKJJ34T9RvQUHyL+gCwletE9OBd9IyGlM+X671bCk+gt1rDyByQGLxm3yuI=
x-amz-request-id
RZCJ8C572VHYN5YD
async_usersync.html
acdn.adnxs.com/dmp/ Frame A2CF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 07 Nov 2022 12:50:24 GMT
ETag
"623de86a-cf34"
Expires
Tue, 08 Nov 2022 12:50:26 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 194C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 07 Nov 2022 12:50:24 GMT
ETag
"623de86a-cf34"
Expires
Tue, 08 Nov 2022 12:50:26 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pd
jp-u.openx.net/w/1.0/ Frame 35E5 		825 B
779 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ab4b6f1b78cdb8006a9fb699606f009babd4613be85041eec986fe7bc7b3ae08

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
460
content-type
text/html
date
Mon, 07 Nov 2022 12:50:24 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CD99 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43750
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 12:50:24 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 08 Nov 2022 00:59:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EBAF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Nov 2022 12:50:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
iframe
mantodea.mantisadnetwork.com/prebid/ Frame BA99 		257 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825423174&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.80.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-80-64.compute-1.amazonaws.com
Software
/ Express
Resource Hash
dd529a89ac4b7c0a162934abb5dda7432d8cb15f0c2bd59e9976d987231ecfd1

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
content-length
257
content-type
text/html; charset=utf-8
date
Mon, 07 Nov 2022 12:50:24 GMT
etag
W/"101-Hu0B1c4EgfholRLGQZef+1gCeik"
expires
-1
pragma
no-cache
vary
Origin
x-powered-by
Express
pbcas
ads.yieldmo.com/ Frame 23F8 		728 B
825 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a685fab61803ff97f4a1e0b570ef3adfe9688670d96c86f25864fb6ba64b08ba

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 07 Nov 2022 12:50:24 GMT
pragma
no-cache
vary
accept-encoding
pbcas
ads.yieldmo.com/ Frame E110 		750 B
841 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c25b1b927e6423cbea6f83f9b47770117c8ceb0aaab6ecec85c43bfddd46d0d6

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 07 Nov 2022 12:50:24 GMT
pragma
no-cache
vary
accept-encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F54C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
844
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
766631c6bd4ea94a-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 12:50:24 GMT
expires
Mon, 07 Nov 2022 16:50:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 911F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
844
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
766631c6bd51a94a-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 12:50:24 GMT
expires
Mon, 07 Nov 2022 16:50:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 040F 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-55.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
648fc80b8c1782160d9670352167f863d2ee3e41bc74bab4b18f879608c8f053

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
39652
content-encoding
gzip
content-type
text/html
date
Mon, 07 Nov 2022 01:49:33 GMT
etag
W/"3964ef429b3da12f98efda23275cd096"
last-modified
Mon, 31 Oct 2022 14:25:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
x-amz-cf-id
DODfaLPEkF5m7CuaUDrwovcAhAgOZexwQ_ShBOwR_gp1aHaq5p3fEQ==
x-amz-cf-pop
SIN2-C1
x-amz-replication-status
COMPLETED
x-amz-version-id
48JgylKYDGSlVwQbXmYIyy9gVVOqLY6L
x-cache
Hit from cloudfront
pd
jp-u.openx.net/w/1.0/ Frame F960 		825 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ab4b6f1b78cdb8006a9fb699606f009babd4613be85041eec986fe7bc7b3ae08

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
460
content-type
text/html
date
Mon, 07 Nov 2022 12:50:24 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BAF0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43750
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 12:50:24 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 08 Nov 2022 00:59:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDOTBrN0cwZjRBQUJfdGdTblFCdw&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Cshr&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC90k7G0f4AAB_tgSnQBw&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC90k7G0f4AAB_tgSnQBw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cshr%26bee_sync_curr...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cshr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5107663499214103132&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC90k7G0f4AAB_tgSnQBw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5107663499214103132%26gdpr%3D0%26gdpr_consent%3D%26bee_...
  • https://match.prod.bidr.io/cookie-sync?userid=5107663499214103132&gdpr=0&gdpr_consent=&bee_sync_partners=shr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAC90k7G0f4AA...
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAC90k7G0f4AAB_tgSnQBw&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAC90k7G0f4AAB_tgSnQBw&gdpr=0
Protocol
H2
Server
13.228.50.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-50-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:29 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAC90k7G0f4AAB_tgSnQBw&gdpr=0
Date
Mon, 07 Nov 2022 12:50:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
ssbsync.smartadserver.com/api/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6175201927420910676&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=6175201927420910676&ssp=themediagrid
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 12:50:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=6175201927420910676&ssp=themediagrid
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LA6S718R-H-JE1C&gdpr=0
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LA6S718R-H-JE1C&gdpr=0
Protocol
H2
Server
13.228.50.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-50-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LA6S718R-H-JE1C&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
Expires
0
setuid
s2s.t13.io/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%3Cvsid%3E
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3108270277444370000V10
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3108270277444370000V10
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:27 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 07 Nov 2022 12:50:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3108270277444370000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 07 Nov 2022 12:50:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2F81 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 04:23:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 04:23:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DC3F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
80218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 06 Nov 2022 14:33:26 GMT
etag
48472445140208031
expires
Mon, 07 Nov 2022 14:33:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2F81 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da469c699a610f8af46c24c7c12c7e93766498d7fc9becc5ea61a9bf2bc6e438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sync
ads.yieldmo.com/v000/ Frame 23F8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=1447531807871813638&pn_id=an
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=1447531807871813638&pn_id=an
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:24 GMT
AN-X-Request-Uuid
bab257e2-d6bb-4989-8f45-1380554dc060
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.yieldmo.com/v000/sync?userid=1447531807871813638&pn_id=an
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 23F8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=YTbg-sP2TNVaGVKyssoX_HRaSss&gdpr=&gdpr_consent=
43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=YTbg-sP2TNVaGVKyssoX_HRaSss&gdpr=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=YTbg-sP2TNVaGVKyssoX_HRaSss&gdpr=&gdpr_consent=
Date
Mon, 07 Nov 2022 12:50:25 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
sync
ads.yieldmo.com/ Frame 23F8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://x.bidswitch.net/ul_cb/sync?ssp=yieldmo
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=14323083-42d2-4ecd-8a59-be6a0c1ecd3d&ssp=yieldmo&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524138275672831780&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524138275672831780&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=10f90be7-2fc3-48af-b44a-471735ad387f&ssp=yieldmo&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524138275672831780&ssp=yieldmo&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209460804328003676604&ssp=yieldmo&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524138275672831780&ssp=yieldmo&gdpr=&gdpr_consent=
  • https://ads.yieldmo.com/sync?userid=fc240e64-2c43-4293-a491-f4a75f6549c2&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=fc240e64-2c43-4293-a491-f4a75f6549c2&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:29 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=fc240e64-2c43-4293-a491-f4a75f6549c2&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Date
Mon, 07 Nov 2022 12:50:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 23F8 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzkxNjNjMWY5YmE1NjRjOTI2ZmY=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 23F8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g9163c1f9ba564c926ff
  • https://ads.yieldmo.com/v000/sync?tdid=aecd6e24-a5c6-432b-b87d-76314db61f68
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=aecd6e24-a5c6-432b-b87d-76314db61f68
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=aecd6e24-a5c6-432b-b87d-76314db61f68
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/ Frame E110
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LA6S718R-H-JE1C
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LA6S718R-H-JE1C
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LA6S718R-H-JE1C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
sync
ads.yieldmo.com/ Frame E110
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=4cdbf1dc2d812062&is_secure=true&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAALXEaF39AMIQMmhHTOAAAAAAA&expiration=1667911825&is_secure=true
43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAALXEaF39AMIQMmhHTOAAAAAAA&expiration=1667911825&is_secure=true
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAALXEaF39AMIQMmhHTOAAAAAAA&expiration=1667911825&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame E110 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzFjMTZiY2Q5ODNmN2RlMDk1OTY=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame E110
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g1c16bcd983f7de09596
  • https://ads.yieldmo.com/v000/sync?tdid=aecd6e24-a5c6-432b-b87d-76314db61f68
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=aecd6e24-a5c6-432b-b87d-76314db61f68
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=aecd6e24-a5c6-432b-b87d-76314db61f68
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/ Frame E110
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=6tV1AYqSSLBHjMFoFpEXBXRaSss&gdpr=&gdpr_consent=
43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=6tV1AYqSSLBHjMFoFpEXBXRaSss&gdpr=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=6tV1AYqSSLBHjMFoFpEXBXRaSss&gdpr=&gdpr_consent=
Date
Mon, 07 Nov 2022 12:50:25 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
openx
cs.nex8.net/cs/ Frame 35E5 		0
0
dds
rtb.openx.net/sync/ Frame 35E5
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=sbJruLT7ww0cVEfSKzuMag==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ebnfvk2eeoifrn630v8dvmmek0b426q5

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 35E5 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
jp-u.openx.net/w/1.0/ Frame 35E5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=fecc6368-ff0f-4500-8782-ef9de7e74b2d
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=fecc6368-ff0f-4500-8782-ef9de7e74b2d
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 07 Nov 2022 12:50:24 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x5 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=fecc6368-ff0f-4500-8782-ef9de7e74b2d
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 07 Nov 2022 12:50:23 GMT
sd
us-u.openx.net/w/1.0/ Frame 35E5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3170436936017303866&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3170436936017303866&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3170436936017303866&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 35E5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0&gdpr_consent=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 35E5
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2j-EMCo5s4AAKt1bv4AAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2j-EMCo5s4AAKt1bv4AAAAA
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
7
Date
Mon, 07 Nov 2022 12:50:25 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":7,"gdpr":false,"ipv4":"116.90.74.203","key":"Y2j-EMCo5s4AAKt1bv4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad263"}
X-SO-Key
Y2j-EMCo5s4AAKt1bv4AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad263
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2j-EMCo5s4AAKt1bv4AAAAA
Cache-Control
private
X-SO-HostName
m-ad263.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
12
Content-Length
0
X-SO-LB-Hostname
a-tgng40010.dc2p.scaleout.jp
X-SO-IP
116.90.74.203
sd
jp-u.openx.net/w/1.0/ Frame 35E5
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYs24KYSfKVlks8ADwG0vBd2O88AAAGEUiRbzQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYs24KYSfKVlks8ADwG0vBd2O88AAAGEUiRbzQ
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 09c63a510feb1b96fe87d2cfe41d34ae.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYs24KYSfKVlks8ADwG0vBd2O88AAAGEUiRbzQ
cache-control
no-cache
content-length
0
x-amz-cf-id
dlENB2uL8zhEuFWzoBjucsFaFiODmdMVTiivh6s93y8ors5DW0VgeA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 35E5 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDI4YjMyNGUtZDQwYS0yNDg3LWVmYzAtNTFkYzMyYzA3OGIw
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 35E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELTkqqrkujz4sgteiM5KKmo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELTkqqrkujz4sgteiM5KKmo&google_cver=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELTkqqrkujz4sgteiM5KKmo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
openx
cs.nex8.net/cs/ Frame F960 		0
0
dds
rtb.openx.net/sync/ Frame F960
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=sbJruLT7ww0cVEfSKzuMag==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
8h7ocq9s2gr9nt6vhtepa4sjjnceio5e

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame F960 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
jp-u.openx.net/w/1.0/ Frame F960
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=fecc6368-ff0f-4500-8782-ef9de7e74b2d
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=fecc6368-ff0f-4500-8782-ef9de7e74b2d
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 07 Nov 2022 12:50:24 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=fecc6368-ff0f-4500-8782-ef9de7e74b2d
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 07 Nov 2022 12:50:23 GMT
sd
us-u.openx.net/w/1.0/ Frame F960
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2666033777751808314&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2666033777751808314&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2666033777751808314&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame F960
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0&gdpr_consent=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=6ee4e184-1d7d-7a23-fa20-0b65f822b6d0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame F960
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2j-EMCo5sIAAHUkLZsAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2j-EMCo5sIAAHUkLZsAAAAA
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
11
Date
Mon, 07 Nov 2022 12:50:24 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":11,"gdpr":false,"ipv4":"116.90.74.203","key":"Y2j-EMCo5sIAAHUkLZsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad331"}
X-SO-Key
Y2j-EMCo5sIAAHUkLZsAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad331
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2j-EMCo5sIAAHUkLZsAAAAA
Cache-Control
private
X-SO-HostName
m-ad331.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40004.dc2p.scaleout.jp
X-SO-IP
116.90.74.203
sd
jp-u.openx.net/w/1.0/ Frame F960
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfGEo2-EQhS0ks8ADwG0vBd2P88AAAGEUiRb0w
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfGEo2-EQhS0ks8ADwG0vBd2P88AAAGEUiRb0w
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 09c63a510feb1b96fe87d2cfe41d34ae.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfGEo2-EQhS0ks8ADwG0vBd2P88AAAGEUiRb0w
cache-control
no-cache
content-length
0
x-amz-cf-id
jfiSbdaH0ZH6ZhQ-n69Bhsge8ifdQ_6y6pMS5Yhs6UIHTN9pTnFC3A==
expires
-1
pixel
cm.g.doubleclick.net/ Frame F960 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDI4YjMyNGUtZDQwYS0yNDg3LWVmYzAtNTFkYzMyYzA3OGIw
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F960
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELTkqqrkujz4sgteiM5KKmo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELTkqqrkujz4sgteiM5KKmo&google_cver=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELTkqqrkujz4sgteiM5KKmo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-61.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:42:29 GMT
content-encoding
gzip
via
1.1 60781892a5625d9f8980c3ca1b8660a2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
479
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
1xzu4tC_7-U12CJh13ATghsJtbtz9sDNFVkOLJWQGhEcMnF34pWRDA==
fltiu.js
pixel.yabidos.com/ Frame F080 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=anotepad.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825422608&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.201.58 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 22:47:42 GMT
server
cloudflare
age
4530
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
766631c8c811a801-SYD
content-length
1168
expires
Mon, 07 Nov 2022 14:50:24 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame F080
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=aecd6e24-a5c6-432b-b87d-76314db61f68
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=aecd6e24-a5c6-432b-b87d-76314db61f68
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825422608&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Protocol
H2
Server
34.202.80.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-80-64.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
x-powered-by
Express
content-length
35
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=aecd6e24-a5c6-432b-b87d-76314db61f68
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 12:50:24 GMT
referrer-policy
no-referrer
floors
api.floors.dev/sgw/v1/ 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 507E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqOIe6UVHeHoIV6o00qxOvMp--_hE7q1I9n4AJW-EoHPdUI0n4Atjr3loguEblxtkZtgiSi5VkmVXnOB2uoIq8tjaUcWHsnh8aihJn7RV-rfhWdp8elNQ3qHPto9ySaM66Lj7xVEXBD3m2vvJMQF1KjhNd5cfb859SMDMIO4FotMJ0f1Zmkc1-iPeXUdtoCtDvzjizLej2zqYVGxz10JRh0Q4MngitEgn7aUty9o8LNPA2Jcr6n0pwuiTETlq-mVhvkrHDk3fvJNNQYDOAOCY8lRkaxu_n2A2bm5-bMJz0x4MjiF3l0d0K-KcWGzbFM9B3V0KN5prUqhZI&sai=AMfl-YQ1N9QCvp6aw_PQdwjg07GWzSM9TeBef1_O5vAwMSJU0UXRXEtvVDaUEd6xqKgRCxDiY86N1Q0OPrWkx_8ZwYxet3S1L27LZTYns3NE9oC3d95rv5Gr8emxqppHppHd&sig=Cg0ArKJSzOkx3yUKaAy7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
prebid-universal-creative.js
a.pub.network/core/ Frame 507E 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-universal-creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
cf-cache-status
HIT
age
54865
x-guploader-uploadid
ADPycdsQgQ6q5KH0AuS7yg2EeIJW3dL8pYWbNOxgpLS_fImiro8tVlJsZc9p00sSRCt4OJT7mArx76qIY2_IvGj0faaH2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 24 Aug 2022 14:40:55 GMT
server
cloudflare
etag
W/"da99e137f36f9c7c7241641a2ed29609"
vary
Accept-Encoding
x-goog-generation
1661352054877845
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=ttmkPQ==, md5=2pnhN/NvnHxyQWQaLtKWCQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
29146
access-control-allow-origin
*
cf-ray
766631c70cd8fb88-AKL
expires
Tue, 08 Nov 2022 12:50:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 507E 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48204
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667489865617883"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 12:50:24 GMT
fltiu.js
pixel.yabidos.com/ Frame BA99 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=anotepad.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825423174&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.201.58 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 22:47:42 GMT
server
cloudflare
age
4530
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
766631c8c812a801-SYD
content-length
1168
expires
Mon, 07 Nov 2022 14:50:24 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame BA99
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=aecd6e24-a5c6-432b-b87d-76314db61f68
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=aecd6e24-a5c6-432b-b87d-76314db61f68
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825423174&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Protocol
H2
Server
34.202.80.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-80-64.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
x-powered-by
Express
content-length
35
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=aecd6e24-a5c6-432b-b87d-76314db61f68
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
pixel
cm.g.doubleclick.net/ Frame DC3F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENusNUgCOqeDToLCzLfL4VE&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENusNUgCOqeDToLCzLfL4VE&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RU1BbWJMbDgxT1MxQTU1&google_gid=CAESENusNUgCOqeDToLCzLfL4VE&google_cver=1&google_push=ASkJ3FbuVBJn8q1SI-B4mblK9hzNJHCJ1c6DmPkDJ_ICXF2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RU1BbWJMbDgxT1MxQTU1&google_gid=CAESENusNUgCOqeDToLCzLfL4VE&google_cver=1&google_push=ASkJ3FbuVBJn8q1SI-B4mblK9hzNJHCJ1c6DmPkDJ_ICXF2wh12YJywFOYitZ-pZfT52naUI1EkOGzK2kBNgco5JkAd6t4jBoff2Dnk9sWqXbbSoCQvczNBJG9Rt6rnk0_X14SS25MEs2Kh6sShFQxEV9cI
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-062a250e8c9e3d8af@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RU1BbWJMbDgxT1MxQTU1&google_gid=CAESENusNUgCOqeDToLCzLfL4VE&google_cver=1&google_push=ASkJ3FbuVBJn8q1SI-B4mblK9hzNJHCJ1c6DmPkDJ_ICXF2wh12YJywFOYitZ-pZfT52naUI1EkOGzK2kBNgco5JkAd6t4jBoff2Dnk9sWqXbbSoCQvczNBJG9Rt6rnk0_X14SS25MEs2Kh6sShFQxEV9cI
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC3F
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEBan_aaXL642oexneRndVls&google_cver=1&google_push=ASkJ3Fa3xds2Luu9zyQAPFvJJ0uvBanTuuF8VKeUgtxkBQSK0bLu-NIPL0X6HAzHi8siV0SzIR88V6gJ3pTfWbVVlQbFk_3A...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3Fa3xds2Luu9zyQAPFvJJ0uvBanTuuF8VKeUgtxkBQSK0bLu-NIPL0X6HAzHi8siV0SzIR88V6gJ3pTfWbVVlQbFk_3AgAhu-ImhRynp5J2DPF02qr5klGKfhpTvHVkIyX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3Fa3xds2Luu9zyQAPFvJJ0uvBanTuuF8VKeUgtxkBQSK0bLu-NIPL0X6HAzHi8siV0SzIR88V6gJ3pTfWbVVlQbFk_3AgAhu-ImhRynp5J2DPF02qr5klGKfhpTvHVkIyXgJuXdvJZm4Fd0EB9lOMdM
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3Fa3xds2Luu9zyQAPFvJJ0uvBanTuuF8VKeUgtxkBQSK0bLu-NIPL0X6HAzHi8siV0SzIR88V6gJ3pTfWbVVlQbFk_3AgAhu-ImhRynp5J2DPF02qr5klGKfhpTvHVkIyXgJuXdvJZm4Fd0EB9lOMdM
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame DC3F
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3FYXRwkLtIYbUwLEJGpSgPFR9GIVyClWPR7LxHkWNo0BNgLw_uHQmw1B5dKOwb38kCcfNRI8VIArzgzbY2H9sbjZOrYMNl4ee7NXrdWrrQtq3q1TYyRBpBK7quf5rCoY-Vl0is7fRwmNZZ...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=ASkJ3FYXRwkLtIYbUwLEJGpSgPFR9GIVyClWPR7LxHkWNo0BNgLw_uHQmw1B5dKOwb38kCcfNRI8VIArzgzbY2H9sbjZOrYMNl4ee7NXrdWrrQtq3q1TYyRBpBK7quf5rCoY-Vl0is...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FYXRwkLtIYbUwLEJGpSgPFR9GIVyClWPR7LxHkWNo0BNgLw_uHQmw1B5dKOwb38kCcfNRI8VIArzgzbY2H9sbjZOrYMNl4ee7NXrdWrrQtq3q1TYyRBpBK7quf5rCoY-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FYXRwkLtIYbUwLEJGpSgPFR9GIVyClWPR7LxHkWNo0BNgLw_uHQmw1B5dKOwb38kCcfNRI8VIArzgzbY2H9sbjZOrYMNl4ee7NXrdWrrQtq3q1TYyRBpBK7quf5rCoY-Vl0is7fRwmNZZwGMvs6Svw&google_hm=Ad5bi9lsIN4iks8ADv76PiwkX8A
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FYXRwkLtIYbUwLEJGpSgPFR9GIVyClWPR7LxHkWNo0BNgLw_uHQmw1B5dKOwb38kCcfNRI8VIArzgzbY2H9sbjZOrYMNl4ee7NXrdWrrQtq3q1TYyRBpBK7quf5rCoY-Vl0is7fRwmNZZwGMvs6Svw&google_hm=Ad5bi9lsIN4iks8ADv76PiwkX8A
cache-control
no-cache
content-length
0
x-amz-cf-id
hhhBB8Laqs-FY-mv63cKsuRBKk8pRxTKFOO672RdBTpPK_o9Tt8Apg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame DC3F
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPe1Z0KiaEPVUj5yIAvaA0A&google_cver=1&google_push=ASkJ3FYaBqngQD4NUQ0mMr48rA10mul9nWoKPxbtmIumh2FH-lUNsDinEYHCQ0e9VuDkk8nFJx7vI...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYaBqngQD4NUQ0mMr48rA10mul9nWoKPxbtmIumh2FH-lUNsDinEYHCQ0e9VuDkk8nFJx7vIC9T3dpCH4PhDkri050lgtUZH6rv17mw_GQwvd8dIO87K9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYaBqngQD4NUQ0mMr48rA10mul9nWoKPxbtmIumh2FH-lUNsDinEYHCQ0e9VuDkk8nFJx7vIC9T3dpCH4PhDkri050lgtUZH6rv17mw_GQwvd8dIO87K997P7DHjWPqytC0bRgd522SaeQCq4u0eQU&google_hm=WTJqLUVjQ281czBBQVBWcEJOWUFBQUFB
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
42
Date
Mon, 07 Nov 2022 12:50:25 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEPe1Z0KiaEPVUj5yIAvaA0A&google_cver=1&google_push=ASkJ3FYaBqngQD4NUQ0mMr48rA10mul9nWoKPxbtmIumh2FH-lUNsDinEYHCQ0e9VuDkk8nFJx7vIC9T3dpCH4PhDkri050lgtUZH6rv17mw_GQwvd8dIO87K997P7DHjWPqytC0bRgd522SaeQCq4u0eQU","cluster_id":42,"gdpr":false,"ipv4":"116.90.74.203","key":"Y2j-EcCo5s0AAPVpBNYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40172"}
X-SO-Key
Y2j-EcCo5s0AAPVpBNYAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40172
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYaBqngQD4NUQ0mMr48rA10mul9nWoKPxbtmIumh2FH-lUNsDinEYHCQ0e9VuDkk8nFJx7vIC9T3dpCH4PhDkri050lgtUZH6rv17mw_GQwvd8dIO87K997P7DHjWPqytC0bRgd522SaeQCq4u0eQU&google_hm=WTJqLUVjQ281czBBQVBWcEJOWUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40172.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
5
Content-Length
0
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-IP
116.90.74.203
pixel
cm.g.doubleclick.net/ Frame DC3F
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEMZocYXBxNsJEepmK2W366s&google_cver=1&google_push=ASkJ3FaAKNXE5_7z7z6RYZLyYme5MmIdT1vr5-mNcC5TvmcH-qr-l9R7DJOG4cXuskAwjnXqeJSIop_fJLwfqZdrmsU4IiHQrt3Nw...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FaAKNXE5_7z7z6RYZLyYme5MmIdT1vr5-mNcC5TvmcH-qr-l9R7DJOG4cXuskAwjnXqeJSIop_fJLwfqZdrmsU4IiHQrt3NwFt76UTp6PFfcV2bubyVPhzTgW25oH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FaAKNXE5_7z7z6RYZLyYme5MmIdT1vr5-mNcC5TvmcH-qr-l9R7DJOG4cXuskAwjnXqeJSIop_fJLwfqZdrmsU4IiHQrt3NwFt76UTp6PFfcV2bubyVPhzTgW25oH9KW2hb50pBap653etkP0YdSb0&google_hm=abe6d8ee1230d0783d6850ccc87d12ba
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FaAKNXE5_7z7z6RYZLyYme5MmIdT1vr5-mNcC5TvmcH-qr-l9R7DJOG4cXuskAwjnXqeJSIop_fJLwfqZdrmsU4IiHQrt3NwFt76UTp6PFfcV2bubyVPhzTgW25oH9KW2hb50pBap653etkP0YdSb0&google_hm=abe6d8ee1230d0783d6850ccc87d12ba
date
Mon, 07 Nov 2022 12:50:25 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
spacer.gif
an.yandex.ru/resource/ Frame DC3F
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEDqlw1VtilrkMCIKASTQL_Q?ext-param=ASkJ3FZPArTms9HqLdJ8gH9wPzWdWNcT3cB0OZWuMdn4mGxOk-sWpWYXxVOjHlAlMhKatMI4kIv_-NxJed8q_4PnRDsvL88k0rTeHnJ7akB1mzcoBrEbttl0Uw1S...
  • https://an.yandex.ru/mapuid/google/CAESEDqlw1VtilrkMCIKASTQL_Q?redir-setuniq=1&ext-param=ASkJ3FZPArTms9HqLdJ8gH9wPzWdWNcT3cB0OZWuMdn4mGxOk-sWpWYXxVOjHlAlMhKatMI4kIv_-NxJed8q_4PnRDsvL88k0rTeHnJ7akB1...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDqlw1VtilrkMCIKASTQL_Q&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 23 Oct 2023 12:50:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC3F
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZUfDHn1F5hhddYkxAzk3wlZzP5fPvUoV3b...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZUfDHn1F5hhddYkxAzk3wlZzP5fP...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fc240e64-2c43-4293-a491-f4a75f6549c2&&google_push=ASkJ3FZUfDHn1F5hhddYkxAzk3wlZzP5fPvUoV3b7l2wUTLsKRit4p2t1tlj-WHsmd96jX-VSj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fc240e64-2c43-4293-a491-f4a75f6549c2&&google_push=ASkJ3FZUfDHn1F5hhddYkxAzk3wlZzP5fPvUoV3b7l2wUTLsKRit4p2t1tlj-WHsmd96jX-VSjrY3FrV17rE6msSOwfLoN-WxqQHe_8-5hIGkD8FyJ_ScHpRchzB9BKrchc19iaIfK-iUQ-nOCqCGay0-EOD
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fc240e64-2c43-4293-a491-f4a75f6549c2&&google_push=ASkJ3FZUfDHn1F5hhddYkxAzk3wlZzP5fPvUoV3b7l2wUTLsKRit4p2t1tlj-WHsmd96jX-VSjrY3FrV17rE6msSOwfLoN-WxqQHe_8-5hIGkD8FyJ_ScHpRchzB9BKrchc19iaIfK-iUQ-nOCqCGay0-EOD
Date
Mon, 07 Nov 2022 12:50:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame DC3F 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJ_J7MC_tDm4qAaq-0FNPba4ebV80KsqFULPtG5BRir-u7hKe8uyd5Ej9xc7kOjCxCEVLWq2M
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6755 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
219066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 04 Nov 2022 23:59:18 GMT
expires
Sat, 04 Nov 2023 23:59:18 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatch
ssum-sec.casalemedia.com/ Frame 0E54
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0d7f3221f146e4bebf1f6d2d88e20034678a4383e48187bbc1d75462be6643

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
766631cbbaf9ee96-AKL
content-encoding
br
content-type
text/html
date
Mon, 07 Nov 2022 12:50:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fN9ZL7yuLMHuWGIpu8BjZtyrktI2JtqBKDye5RiXOqNlHlXOF3ZV2tyZnvjvfHZT9UhnkvSOW7mS4ChmDYAOTLqHOx4gcu6uctdrcZ3VM8s62ojXmh%2BCPb5qE%2B18i3i1f7BBgYwXR8qpHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
766631c94a84fb94-AKL
content-length
0
date
Mon, 07 Nov 2022 12:50:24 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04u45p5Wgp72osxwG8kfuAiXf1k6OJpSEeta97RnWVYIG%2BrwrpVnvVlDjudBzvbuGnKEjTEcxxfscEJubaoZ4%2Btvii6g5NwSE3rcuD62eO6e2KzKaKLqbP8OI5XEEf78R50%2FKGQCgyrfXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 6D0D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14f4b0f7dc9f3ea3e33ab581346f75681ac5f6a35def70cbd8c1ee03a3478c9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
766631cbbafbee96-AKL
content-encoding
br
content-type
text/html
date
Mon, 07 Nov 2022 12:50:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBKsfbQ6Q3fwtWunT9ifcCNGQ1KTGIKGFFHTEpMCNM%2BvKOsqNGRvFdFCL2f%2F9yy%2BKypdcC8cKuadO5dUgLCNB%2Furw1nMA8U3UVcVci1IOJ3hyzXBFBu3cbph2bXZ9uZrLnJeTpd7Mj%2BBWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
766631c95a86fb94-AKL
content-length
0
date
Mon, 07 Nov 2022 12:50:25 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUI2yoCSZtACBgglciFaNOC%2FYkM7bwXQyaI57gu8yueev3cv%2FN4kmQxCatl59Gw%2F9wKMVkViw2iu4p760BSry0e9rO33UCDE1Rawu0Qr35VZr48JKXotnZJpw0MUwUB4CCvZ6%2BXS2U1yfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
client
ssl.connextra.com/Videoslots/selector/ Frame 86EA 		950 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/Videoslots/selector/client?client=Videoslots&placement=DDM_APN_CAS_ACQ_NZ_300x250&_cb=708776318&apnauc=6395989821403982122&bidid=6395989821403982122&dspid=3bc1d7fd2e&tclk=https://lax1-ib.adnxs.com/click?pCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA./bcr=AAAAAAAA8D8=/cnd=%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNMQVgxOjU1Mzc=/bn=93919/clickenc=
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c5926d838ace2aa240041e7281e72790fde1f2310b705c5e8f85af72a66e5df

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
653
content-type
text/html;charset=utf-8
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
Mon, 07 Nov 2022 12:50:26 GMT
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma
no-cache
vary
* Accept-Encoding
x-served-by
vlp-cxtadsrv06.connextra.net
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3B3E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7125&pub_id=863137
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 07 Nov 2022 12:50:25 GMT
ETag
"623de86a-cf34"
Expires
Tue, 08 Nov 2022 12:50:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
lax1-ib.adnxs.com/ Frame 507E 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&e=wqT_3QL1DvDtdQcAAAMA1gAFAQiO_qObBhCrmYnC9OKs7TcYhpCdyqjQqosUKjYJRs56mOxZ2j8RBmPx5MZuyz8ZAAAAAClcCUAhKSIamdvP0T8psmg6Oxkc4T8xAAAAoJmZuT8wzc_nCjjVN0CYOUgCUL_2prkBWL69Q2AAaJi7XHjf3QWAAQGKAQNVU0SSAQNVU0SYAcoHoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCAxNDgzMTU1LCAwKTt1ZignaScsIDc2NzMxOTcsIDApO3VmKCdnJywgMTkxNTI3NTksIDApOwE9PHMnLCAyNzg3NTM1ODUsIDAJPzByJywgMzg4NjEwODc5BRbwi5ICqQQhMzIxZGdBakJpZWNaRUxfMnBya0JHQUFndnIxRE1BSTRBRUFBU0pnNVVNM1A1d3BZQUdELUJHZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JaUUQ0RkI0YzRUX0JBV1VBLUJRZUhPRV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FlMnExQVAxQWVPLWd6LVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElzc2F0SlJBTEdBSXRBAUPQTG9EQ1V4QldERTZOVFV6Ti1BRDJTLUFCUGlNeWdtSUJQeU15Z21RQkFHWUJBR2dCQlRCQkEBOQkBCHlRUQkJAQEYTmdFQVBFRQELCQFgQ0lCYUVya0FYNi16NllCYkhpOVlRQnFRVQkfGEFEd1A3RUYBDVBZRzl5NnpfQkJjM016R3pjZF9BX3kuKAAAOQkoCQEIRFpCEXfIUEFfNEFYY29RUHdCZmYta0FuNEJaUERXb0lHQTFWVFJJZ0dCSkFHQVpnR0FLRUdtcG1aAQIsN1Qtb0JnU3lCaVFKCVQFAQBSBQYJAQBaCQcFAQBoBQYFAUBDNEJnby6aApkBIXh4VnNWdzotAihMNjlReUFBS0FBeBltBDg2MmUBFDBEWkwwawVPJQUAMT00AEYRGAxBQUFHHRgARx0YAEgdGAxIZ0FpLkEC8Gl3Li7YAp5I4AKd_1vqAiNodHRwczovL2Fub3RlcGFkLmNvbS9ub3Rlcy8zMmF5MzdkZvICEQoGQURWX0lEEgcxNDgzMTU18gISCgZDUEdfSUQSCDE5MTUyNzU58gISCgVDUF9JRBIJMjc4aVIQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYSAHNzY3MzE5N_IBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCkgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDxcOTAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xMTYuOTAuNzQuMjAzqAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEAMgEANIEDjczMjAjTEFYMTo1NTM32gQCCAHgBAHwBL_2prkBiAUBmAUAoAX___________8BwAUAyQUAoZYYAPA_0gUJCQUL8EwAAADYBQHgBQHqBRcKDWZzX2FkX3Byb2R1Y3QSBmJhbm5lcvAF9PEl-gUECAAQAJAGAJgGAKIGDjcxMjUjTEFYMTo2MzAyuAYAwQYAAAFOKPA_0AapJdoGFgoQAQ8uAQBgEAAYAOAGAfIGhwEI-vs-EoABMXhObVFsb0G72ERBQWtDQlFFSS10dklCaENiMGJzQ0dJMzR4UUlnQnlnQVFLLVNyd1ZJNkxTdkJWRFpMMWllTVg22QIAZ1XZDEFBQUmtWixKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhZyyMFkAAyAff3QXSBw0tJwQ5QAG-CNoHBgkn8F7gBwDqBwIIAPAHluQLighGCkIAAAGEUiROsDfasxdIQkyr1LBbZw_BJeQwWjrqG_WgStmeuAYPL1s2-b_edYFyxtrhovOMzcogmKSyGVD06Lojan0QAZUIAACAP5gIAQ..&s=fedf0423aa58e152e5c8ea08bba150aef4ac46fb&bdref=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df,https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
AN-X-Request-Uuid
f3f7f214-c215-4082-a67f-fb4f7414b823
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/229/ Frame 507E 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/229/trk.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f848d12e0c73ffe76cce049dd372c19fd257214e8ec43be66bd27a4d335837f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 05 Oct 2023 09:41:59 GMT
Date
Mon, 07 Nov 2022 12:50:27 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2862507
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29365
X-Served-By
cache-lga21978-LGA, cache-mel11232-MEL
Last-Modified
Wed, 05 Oct 2022 09:41:41 GMT
Server
AkamaiNetStorage
X-Timer
S1667825427.175559,VS0,VE0
ETag
"e4a20054d2e3bd70bee1fab0cc606a4f:1664962901.362129"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 200047
it
lax1-ib.adnxs.com/ Frame 507E 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lax1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fanotepad.com%252Fnotes%252F32ay37df&e=wqT_3QLdFvDeXQsAAAMA1gAFAQiO_qObBhCq0rHertvH4VgYhpCdyqjQqosUKjYJpCTON1n53D8RdQNdqcEpzj8ZAAAAAClcCUAhKSIamdvP0T8psmg6Oxkc4T8xAAAAoJmZuT8wzc_nCjjVN0CYOUgCUK_2prkBWL69Q2AAaJi7XHjf3QWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMTQ4MzE1NSwgMCk7dWYoJ2knLCA3NjczMTk3LCAwKTt1ZignZwEoIDkxNTI3NTksIA0pMHMnLCAyNzg3NTM1ODUVFjByJywgMzg4NjEwODYzBRbwi5ICwQ4hc0lhN3JBakJpZWNaRUtfMnBya0JHQUFndnIxRE1BSTRBRUFBU0pnNVVNM1A1d3BZQUdELUJHZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JaUUQ0RkI0YzRUX0JBV1VBLUJRZUhPRV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FlMnExQVAxQWVPLWd6LVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElzc2F0SlJBTEdBSXRBAUPoTG9EQ1V4QldERTZOVFV6Ti1BRDJTLUFCUGlNeWdtSUJQeU15Z21RQkFHWUJBR2dCQlNxQk04SENQX18VAgh3RVEVDBRfX19BUmoBBw0BDDhCSVANCwEBCHdFbwEHEQEIQVREEQsUX19fOEJPMiwABEZBARYRAQRBVTZYAABVNiwAAFkRKAEBBEFXNlgAAGE2LAAAdwEkEQEEQVg2WAAIZ0FIERsFlABpOhAAAGs6EAAgbUFIRnc1TUJvOhgAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQUwB8Q0BCDhCaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAEZ0EuJQIhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FULfwBASEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVgB-Q0BIQA2EAAAazoQAABtOhAACHdRUaFSCQEITWtFCQkBARhEWUJBRHhCAQsNAVxpQVdoSzVBRi12cy1tQVd4NHZXRUFha0YNHxRBOEQteEIBT1BHQnZjdXNfd1FYTnpNeHMzSGZ3UDguKAAEX1IFKA0BCDJRVQ0KyER3UC1BRjNLRUQ4QVgzX3BBSi1BV1R3MXFDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabQECLGUwX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhdHhVTVVROkUHNEw2OVF5QUFLQUF4bXBtAWsUWjdUODZDLn0GFDBEWkwwaw1zDER3UDE9RABGERgMQUFBRx0YAEcdGABIHRgMSGdBaS5ZB_DXdy4u2AKeSOACzdtX6gIjaHR0cHM6Ly9hbm90ZXBhZC5jb20vbm90ZXMvMzJheTM3ZGaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APFw5MB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTExNi45MC43NC4yMDOoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNMQVgxOjU1MzfaBAIIAeAEAfAEr_amuQGIBQGYBQCgBf___________wHABQDJBQAADpkJFPA_0gUJCQEKAQG42AUB4AUB8AX08SX6BQQIABAAkAYAmAYAogYONzEyNSNMQVgxOjYzMDK4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCPr7PhKAATF4Tm1RbG8hithEQUFrQ0JRRUktdHZJQmhDYjBic0NHSTM0eFFJZ0J5Z0FRSy1TcndWSTZMU3ZCVkRaTDFpZU1YNqgBAGc1qAxBQUFJGkEJLEpvQkFnZ0FxQUVBcy4gADxBLi6ABwGIBwCgBwG6Bw8IBaAAICFNLIwWQADIB9_dBdIHDS0NBDlAAb4I2gcGCSfwXuAHAOoHAggA8AeW5AuKCEYKQgAAAYRSJE6wWMMe2uvMaSrV7cXGZBCtNrP9oJ9vbEVuQn8jcHWomh1J-kK5mhHIBNse8z9aXTHLBVv7lIYbtMlZ7xABlQgAAIA_mAgB&s=5f8c21ee4ce57c9bd638c97d7d06f8018029568a
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
AN-X-Request-Uuid
86fd92ea-0f31-4e3f-81ae-86b283056248
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
protected-by.clarium.io/ Frame 507E 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL2FwcG5leHVzOjMwMHgyNTA=&v=5&s=v31gh928m6p&id=eyJwcmViaWQiOnsiYWRJZCI6IjE3MWQ2MTY5NGQzYWNhZmMiLCJjcG0iOjAuMjMzMjkyNTEsInMiOiJhbm90ZXBhZF9sZWFkZXJib2FyZF9idGYiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOmFwcG5leHVzOzM4ODYxMDg2MyJ9&sb=undefined&cb=5856366&h=anotepad.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwyRndjRzVsZUhWek9qTXdNSGd5TlRBPSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImFwcG5leHVzIl0sImhiX3NpemUiOlsiMzAweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.167.89 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-167-89.eu-north-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:28 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame 6755 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 08:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Nov 2023 08:29:33 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame BAF0 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62336143&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
de81fd4c33bd08263cc0ed66a844ad8a147c15aeed23509ffe69cb6cc6968414

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 12:50:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame EBAF 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d621a2a8897ad3e6f3dcac6c188926f5db6ac256b62aea1826cfdfc4fd01069

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 12:50:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Nov 2022 10:40:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=78617
Connection
keep-alive
Content-Length
9884
Expires
Tue, 08 Nov 2022 10:40:41 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8857
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c8ecea2c87a14b6ba5bd162863634b5101a9eeafd543caf83263070ca89d65

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
766631cbbafaee96-AKL
content-encoding
br
content-type
text/html
date
Mon, 07 Nov 2022 12:50:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ApkcAwlPfz6vjE8lv%2Bnq3LAR8r69QuradWEZciNxW2M1VYQH1eCBGwJFLJfYK5PrydtL0bCJ2R0SWZEFEmVPmML1PWR%2Brc1kc%2BTcXAxKf5z9Arb7r4%2FW6iI9NLqwJYBZ1Oh%2BvWh5SJgjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
766631c97a97fb94-AKL
content-length
0
date
Mon, 07 Nov 2022 12:50:25 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BFqnxqdDUBh0gmL1Ep%2FkFux2RnVzeI9lnFM0JF%2FKTkmw8DX5NS8CfTS%2F1wfe7h%2BZgPS1A0lGDiX5vxGivk2HLUR%2B3cuLp09kqwEDh8znMCubMc0RxFVRj6MkpRURzzVYt1omL4gEpYChA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3761
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Nov 2022 12:50:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 07 Nov 2022 12:50:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 040F
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1447531807871813638
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1447531807871813638
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
_bk2KXQWl-X741D-Dt33kqKnjoMhe0crbiZm6PG9phPk0MvKC31ENg==

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:24 GMT
AN-X-Request-Uuid
b59a739c-9b0e-4c5f-9be3-9973efeb93b8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1447531807871813638
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 040F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=258986a3-1dd2-4640-90a5-14a20f8e9682
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=258986a3-1dd2-4640-90a5-14a20f8e9682
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
content-length
0
x-amz-cf-id
OXPjU6L8OdIO4plAAtmXhytOjwBE1U8PjP7SRNvlXGAxxCSsd5qcCg==

Redirect headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=258986a3-1dd2-4640-90a5-14a20f8e9682
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 040F
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-z4o2mKZE2uEI1hoIy8ekMnM.ZFLUcwVa~A
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-z4o2mKZE2uEI1hoIy8ekMnM.ZFLUcwVa~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
cjYw5PrNDBUgLeIESuyMwLi2jNar3fIngrUSv31D_IDiFydQdgpFww==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-z4o2mKZE2uEI1hoIy8ekMnM.ZFLUcwVa~A
date
Mon, 07 Nov 2022 12:50:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 040F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=aecd6e24-a5c6-432b-b87d-76314db61f68&ttl=1670417424
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=aecd6e24-a5c6-432b-b87d-76314db61f68&ttl=1670417424
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
9nEjioMVXNqXY-hQHVaTZ8UNxE7YcV_uYA-Etf9qbPalhQs5IDIaWg==

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=aecd6e24-a5c6-432b-b87d-76314db61f68&ttl=1670417424
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
sync
usr.undertone.com/userPixel/ Frame 040F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LA6S718R-H-JE1C
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LA6S718R-H-JE1C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
-jdvd7rbyrAHo039TeN4bBUMoM3qrvq2aez_9GlKbfgRFiH2eZ9WyQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LA6S718R-H-JE1C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
undertone
cs.admanmedia.com/sync/ Frame 040F 		0
0
sync
usr.undertone.com/userPixel/ Frame 040F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkJBMUMwOUMtOENENC00OTM0LThCQkEtQUQzQzcwREE5QzJF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
yRBPdsa2YmmTG_oC-px2y_2EiS3ofTYtZW4yC-9jY1ArucVTDmTarw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 040F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
eSpTKEoFjxO3wkJrP_U_HLU_WKmp0gTLKHPXK_1iJMigyTsh8E0BDg==

Redirect headers

date
Mon, 07 Nov 2022 12:50:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 040F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-eVaSTF1E2uGV1w.yBEeB33i_xZSYu2r4Pw.rcBM-~A
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-eVaSTF1E2uGV1w.yBEeB33i_xZSYu2r4Pw.rcBM-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
lIYGDktNOCsI68UV1WS51Bu-P9o9NTILuXKBw0Xsoqc0P-bTRwkxrQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-eVaSTF1E2uGV1w.yBEeB33i_xZSYu2r4Pw.rcBM-~A
date
Mon, 07 Nov 2022 12:50:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame 040F 		0
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=4918893f26424e4590fde0be5f93a26a
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.116.154 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 07 Nov 2022 12:50:26 GMT
demconf.jpg
dpm.demdex.net/ Frame 040F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=4bsdjqwqbccx9qtwk2lqzo3fu
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4bsdjqwqbccx9qtwk2lqzo3fu
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4bsdjqwqbccx9qtwk2lqzo3fu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
52.41.79.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-79-126.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-03ae6fa83.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rRD49EFBR60=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-0f1add7c1.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
J6MEkyMhQhU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4bsdjqwqbccx9qtwk2lqzo3fu
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 040F 		62 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=4bsdjqwqbccx9qtwk2lqzo3fu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.13.201 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-13-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 07 Nov 2022 12:50:27 GMT
content-length
62
content-type
image/gif
396846.gif
idsync.rlcdn.com/ Frame 040F
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=4bsdjqwqbccx9qtwk2lqzo3fu
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3b229ee2-d03a-4c43-a559-8b96c1b9d708
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3b229ee2-d03a-4c43-a559-8b96c1b9d708
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3b229ee2-d03a-4c43-a559-8b96c1b9d708
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 040F 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=4bsdjqwqbccx9qtwk2lqzo3fu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.109.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-109-80.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n012-pdx-prod.krxd.net
date
Mon, 07 Nov 2022 12:50:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1667825427
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
flimpobj.js
pixel.yabidos.com/ Frame F080 		31 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1667825424845&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=9yk3w3ij9zws&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=anotepad.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.201.58 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 22:47:42 GMT
server
cloudflare
age
6598
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
766631c9b8e1a801-SYD
content-length
24223
expires
Mon, 07 Nov 2022 14:50:24 GMT
flimpobj.js
pixel.yabidos.com/ Frame BA99 		31 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1667825424845&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=id8vwr0qnazq&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=anotepad.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.201.58 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 22:47:42 GMT
server
cloudflare
age
6598
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
766631c9b8e3a801-SYD
content-length
24223
expires
Mon, 07 Nov 2022 14:50:24 GMT
client
ssl.connextra.com/Videoslots/selector/ Frame BB4F 		950 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/Videoslots/selector/client?client=Videoslots&placement=DDM_APN_CAS_ACQ_NZ_300x250&_cb=708776318&apnauc=6395989821403982122&bidid=6395989821403982122&dspid=3bc1d7fd2e&tclk=https://lax1-ib.adnxs.com/click?pCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA./bcr=AAAAAAAA8D8=/cnd=%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNMQVgxOjU1Mzc=/bn=93919/clickenc=
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c5926d838ace2aa240041e7281e72790fde1f2310b705c5e8f85af72a66e5df

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
653
content-type
text/html;charset=utf-8
date
Mon, 07 Nov 2022 12:50:25 GMT
expires
Mon, 07 Nov 2022 12:50:25 GMT
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma
no-cache
vary
* Accept-Encoding
x-served-by
vlp-cxtadsrv14.connextra.net
async_usersync.html
acdn.adnxs.com/dmp/ Frame 14FC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7125&pub_id=863137
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 07 Nov 2022 12:50:25 GMT
ETag
"623de86a-cf34"
Expires
Tue, 08 Nov 2022 12:50:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
lax1-ib.adnxs.com/ Frame 8F06 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&e=wqT_3QL1DvDtdQcAAAMA1gAFAQiO_qObBhCrmYnC9OKs7TcYhpCdyqjQqosUKjYJRs56mOxZ2j8RBmPx5MZuyz8ZAAAAAClcCUAhKSIamdvP0T8psmg6Oxkc4T8xAAAAoJmZuT8wzc_nCjjVN0CYOUgCUL_2prkBWL69Q2AAaJi7XHjf3QWAAQGKAQNVU0SSAQNVU0SYAcoHoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCAxNDgzMTU1LCAwKTt1ZignaScsIDc2NzMxOTcsIDApO3VmKCdnJywgMTkxNTI3NTksIDApOwE9PHMnLCAyNzg3NTM1ODUsIDAJPzByJywgMzg4NjEwODc5BRbwi5ICqQQhMzIxZGdBakJpZWNaRUxfMnBya0JHQUFndnIxRE1BSTRBRUFBU0pnNVVNM1A1d3BZQUdELUJHZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JaUUQ0RkI0YzRUX0JBV1VBLUJRZUhPRV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FlMnExQVAxQWVPLWd6LVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElzc2F0SlJBTEdBSXRBAUPQTG9EQ1V4QldERTZOVFV6Ti1BRDJTLUFCUGlNeWdtSUJQeU15Z21RQkFHWUJBR2dCQlRCQkEBOQkBCHlRUQkJAQEYTmdFQVBFRQELCQFgQ0lCYUVya0FYNi16NllCYkhpOVlRQnFRVQkfGEFEd1A3RUYBDVBZRzl5NnpfQkJjM016R3pjZF9BX3kuKAAAOQkoCQEIRFpCEXfIUEFfNEFYY29RUHdCZmYta0FuNEJaUERXb0lHQTFWVFJJZ0dCSkFHQVpnR0FLRUdtcG1aAQIsN1Qtb0JnU3lCaVFKCVQFAQBSBQYJAQBaCQcFAQBoBQYFAUBDNEJnby6aApkBIXh4VnNWdzotAihMNjlReUFBS0FBeBltBDg2MmUBFDBEWkwwawVPJQUAMT00AEYRGAxBQUFHHRgARx0YAEgdGAxIZ0FpLkEC8Gl3Li7YAp5I4AKd_1vqAiNodHRwczovL2Fub3RlcGFkLmNvbS9ub3Rlcy8zMmF5MzdkZvICEQoGQURWX0lEEgcxNDgzMTU18gISCgZDUEdfSUQSCDE5MTUyNzU58gISCgVDUF9JRBIJMjc4aVIQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYSAHNzY3MzE5N_IBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCkgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDxcOTAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xMTYuOTAuNzQuMjAzqAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEAMgEANIEDjczMjAjTEFYMTo1NTM32gQCCAHgBAHwBL_2prkBiAUBmAUAoAX___________8BwAUAyQUAoZYYAPA_0gUJCQUL8EwAAADYBQHgBQHqBRcKDWZzX2FkX3Byb2R1Y3QSBmJhbm5lcvAF9PEl-gUECAAQAJAGAJgGAKIGDjcxMjUjTEFYMTo2MzAyuAYAwQYAAAFOKPA_0AapJdoGFgoQAQ8uAQBgEAAYAOAGAfIGhwEI-vs-EoABMXhObVFsb0G72ERBQWtDQlFFSS10dklCaENiMGJzQ0dJMzR4UUlnQnlnQVFLLVNyd1ZJNkxTdkJWRFpMMWllTVg22QIAZ1XZDEFBQUmtWixKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhZyyMFkAAyAff3QXSBw0tJwQ5QAG-CNoHBgkn8F7gBwDqBwIIAPAHluQLighGCkIAAAGEUiROsDfasxdIQkyr1LBbZw_BJeQwWjrqG_WgStmeuAYPL1s2-b_edYFyxtrhovOMzcogmKSyGVD06Lojan0QAZUIAACAP5gIAQ..&s=fedf0423aa58e152e5c8ea08bba150aef4ac46fb&bdref=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df,https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
AN-X-Request-Uuid
b7c5c9a6-8b09-46b2-a52e-d8533af41bdd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/229/ Frame 8F06 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/229/trk.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f848d12e0c73ffe76cce049dd372c19fd257214e8ec43be66bd27a4d335837f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 05 Oct 2023 09:41:59 GMT
Date
Mon, 07 Nov 2022 12:50:27 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2862507
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29365
X-Served-By
cache-lga21978-LGA, cache-mel11257-MEL
Last-Modified
Wed, 05 Oct 2022 09:41:41 GMT
Server
AkamaiNetStorage
X-Timer
S1667825427.171016,VS0,VE0
ETag
"e4a20054d2e3bd70bee1fab0cc606a4f:1664962901.362129"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 820650
it
lax1-ib.adnxs.com/ Frame 8F06 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lax1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fanotepad.com%252Fnotes%252F32ay37df&e=wqT_3QLdFvDeXQsAAAMA1gAFAQiO_qObBhCq0rHertvH4VgYhpCdyqjQqosUKjYJpCTON1n53D8RdQNdqcEpzj8ZAAAAAClcCUAhKSIamdvP0T8psmg6Oxkc4T8xAAAAoJmZuT8wzc_nCjjVN0CYOUgCUK_2prkBWL69Q2AAaJi7XHjf3QWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMTQ4MzE1NSwgMCk7dWYoJ2knLCA3NjczMTk3LCAwKTt1ZignZwEoIDkxNTI3NTksIA0pMHMnLCAyNzg3NTM1ODUVFjByJywgMzg4NjEwODYzBRbwi5ICwQ4hc0lhN3JBakJpZWNaRUtfMnBya0JHQUFndnIxRE1BSTRBRUFBU0pnNVVNM1A1d3BZQUdELUJHZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JaUUQ0RkI0YzRUX0JBV1VBLUJRZUhPRV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FlMnExQVAxQWVPLWd6LVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElzc2F0SlJBTEdBSXRBAUPoTG9EQ1V4QldERTZOVFV6Ti1BRDJTLUFCUGlNeWdtSUJQeU15Z21RQkFHWUJBR2dCQlNxQk04SENQX18VAgh3RVEVDBRfX19BUmoBBw0BDDhCSVANCwEBCHdFbwEHEQEIQVREEQsUX19fOEJPMiwABEZBARYRAQRBVTZYAABVNiwAAFkRKAEBBEFXNlgAAGE2LAAAdwEkEQEEQVg2WAAIZ0FIERsFlABpOhAAAGs6EAAgbUFIRnc1TUJvOhgAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQUwB8Q0BCDhCaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAEZ0EuJQIhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FULfwBASEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVgB-Q0BIQA2EAAAazoQAABtOhAACHdRUaFSCQEITWtFCQkBARhEWUJBRHhCAQsNAVxpQVdoSzVBRi12cy1tQVd4NHZXRUFha0YNHxRBOEQteEIBT1BHQnZjdXNfd1FYTnpNeHMzSGZ3UDguKAAEX1IFKA0BCDJRVQ0KyER3UC1BRjNLRUQ4QVgzX3BBSi1BV1R3MXFDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabQECLGUwX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhdHhVTVVROkUHNEw2OVF5QUFLQUF4bXBtAWsUWjdUODZDLn0GFDBEWkwwaw1zDER3UDE9RABGERgMQUFBRx0YAEcdGABIHRgMSGdBaS5ZB_DXdy4u2AKeSOACzdtX6gIjaHR0cHM6Ly9hbm90ZXBhZC5jb20vbm90ZXMvMzJheTM3ZGaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APFw5MB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTExNi45MC43NC4yMDOoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNMQVgxOjU1MzfaBAIIAeAEAfAEr_amuQGIBQGYBQCgBf___________wHABQDJBQAADpkJFPA_0gUJCQEKAQG42AUB4AUB8AX08SX6BQQIABAAkAYAmAYAogYONzEyNSNMQVgxOjYzMDK4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCPr7PhKAATF4Tm1RbG8hithEQUFrQ0JRRUktdHZJQmhDYjBic0NHSTM0eFFJZ0J5Z0FRSy1TcndWSTZMU3ZCVkRaTDFpZU1YNqgBAGc1qAxBQUFJGkEJLEpvQkFnZ0FxQUVBcy4gADxBLi6ABwGIBwCgBwG6Bw8IBaAAICFNLIwWQADIB9_dBdIHDS0NBDlAAb4I2gcGCSfwXuAHAOoHAggA8AeW5AuKCEYKQgAAAYRSJE6wWMMe2uvMaSrV7cXGZBCtNrP9oJ9vbEVuQn8jcHWomh1J-kK5mhHIBNse8z9aXTHLBVv7lIYbtMlZ7xABlQgAAIA_mAgB&s=5f8c21ee4ce57c9bd638c97d7d06f8018029568a
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
AN-X-Request-Uuid
ce665abc-917f-4261-9f3f-0d30c3282a31
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
protected-by.clarium.io/ Frame 8F06 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL2FwcG5leHVzOjMwMHgyNTA=&v=5&s=v31gh928mhr&id=eyJwcmViaWQiOnsiYWRJZCI6IjE3MWQ2MTY5NGQzYWNhZmMiLCJjcG0iOjAuMjMzMjkyNTEsInMiOiJhbm90ZXBhZF9sZWFkZXJib2FyZF9idGYiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOmFwcG5leHVzOzM4ODYxMDg2MyJ9&sb=undefined&cb=9373473&h=anotepad.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwyRndjRzVsZUhWek9qTXdNSGd5TlRBPSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImFwcG5leHVzIl0sImhiX3NpemUiOlsiMzAweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.167.89 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-167-89.eu-north-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:28 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://anotepad.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://anotepad.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
auction
s2s.t13.io/openrtb2/ 		1017 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
5822d0ff4fa90ae57908ce1f5def152e4a7df89a0071e054ed7e89fbfbdb1c4a

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
378
expires
0
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=69073488705&lsavail=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
arj
freestar-d.openx.net/w/1.0/ 		175 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a74d6db0-ae6f-455b-8fec-01288102ad7c&nocache=1667825424988&audigentid=0001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl&ttduuid=aecd6e24-a5c6-432b-b87d-76314db61f68&pubcid=bd48dedd-b4fa-45d4-a0f6-c38d9c05852d&schain=1.0%2C1!freestar.com%2C1036%2C1%2Cced9088c-bee2-4fb7-aed4-4ac00ab91e32%2C%2C&aus=970x250%2C970x90%2C728x90%2C336x280%2C300x250&divids=anotepad_leaderboard_atf&aucs=%252F15184186%252Fanotepad_leaderboard_atf%252Fanotepad_leaderboard_atf&auid=539181725
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2296c439f6a4b9f66707b62b3ada8300805671d83ffbf9a0245387f47e2311c3

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anotepad.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e729caf6afbc1ae8cd10848c3aa5bd8f75301b3c017860ee104ea00bfc29e904

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Nov 2022 12:50:25 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
ib.adnxs.com/ut/v3/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fb1f8f3374929873577fca8654c82090c9d496cdfa3d44d1c6621f65b2789cd6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Nov 2022 12:50:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
988cb2ba-4a76-4c0e-bb42-c86f3ba6b20d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a2cc20b3508f79cbefae2632d9757a11d0380fae0884dc1f743fa33d6a970642

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
bd1081ae39df66501afa8df86d726ab3bedc52fc5f73f78eb6a6060f8bcfd56f

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
af43363568ace4b57fe8219025d343fece66fa5367b394660003be87bb12bcb2

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b93e0d4020bef9eb50ebf04a4436f91ed71af0feb36e598d2b9826eb2ed88e0d

Request headers

Referer
https://anotepad.com/
x-openrtb-version
2.5
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
66
/
colossusssp.com/ 		2 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.77.87.217 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anotepad.com
Date
Mon, 07 Nov 2022 12:50:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1667825424993&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&measurable=true&bids[0][bidId]=231f268a19115714&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=anotepad_leaderboard_atf&bids[0][sizes][0][width]=970&bids[0][sizes][0][height]=250&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=728&bids[0][sizes][2][height]=90&bids[0][sizes][3][width]=336&bids[0][sizes][3][height]=280&bids[0][sizes][4][width]=300&bids[0][sizes][4][height]=250&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.80.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-80-64.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c56adf2fd448a470f4e93e715fe85dece3468f3071c05ed8692c1a0c83748139

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
x-powered-by
Express
etag
W/"38-JPS1cmdBAHb/6sWp0CJeCK68ik4"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		651 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
195610547f8166486be5983375136c1d5f08c4bf2b06bc6ba3a38bc6cf31d264

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
409
v1
btlr.sharethrough.com/universal/ 		659 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ad750038357123d5eb30d8691fd2bf658a647e5539d87eceb4b2d61f0e284e69

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
445
v1
btlr.sharethrough.com/universal/ 		382 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.105.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-105-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
3c40c45207cc232e950fa315466932e038f95d51724aa6a2d1de8f95361bae55

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
257
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2223705c411114d38%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df%22%2C%22name%22%3A%22anotepad-com%22%2C%22domain%22%3A%22anotepad.com%22%2C%22cat%22%3A%5B%22IAB5%22%5D%2C%22sectioncat%22%3A%5B%22IAB5%22%5D%2C%22pagecat%22%3A%5B%22IAB5%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df%22%2C%22tmax%22%3A1200%2C%22syncsPerBidder%22%3A3%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%22%2C%22adunitcode%22%3A%22anotepad_leaderboard_atf%22%2C%22divId%22%3A%22anotepad_leaderboard_atf%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22238a0af66b7ef5d6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fanotepad_leaderboard_atf%22%2C%22gpid%22%3A%22%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%22%2C%22tid%22%3A%22a74d6db0-ae6f-455b-8fec-01288102ad7c%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2287164ca3-2cd5-484a-a7f9-deb3a12e4682%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%2C%22rid%22%3A%22a597bcbc-1385-4d78-8f74-7bf79d17e038%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf92f80f4362c5adbec23a97e8d15461dbb44813683d4e11d5888a1f6614439

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbXsid7iPrvSZ2RgYHAIX7aaM3hy%2FslGp8TYMax2Ghn50fRtK6gnuihfMrEHzPwCUkMhkYdZMohqMZ7S3oH1c3H7jcpUjPOXqVRitVWrtj2iBsHACvFatTQTC%2BbIGfamxs9JbAlR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://anotepad.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
766631caa957ee92-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		517 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2223364&size_id=15&alt_size_ids=2%2C16%2C55%2C57&rp_schain=1.0,1!freestar.com,1036,1,a597bcbc-1385-4d78-8f74-7bf79d17e038,,&eid_audigent.com=0001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%5E1&tpid_tdid=aecd6e24-a5c6-432b-b87d-76314db61f68&eid_adserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&rf=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&tg_i.name=anotepad-com&tg_i.domain=anotepad.com&tg_i.cat=IAB5&tg_i.sectioncat=IAB5&tg_i.pagecat=IAB5&tg_i.page=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a74d6db0-ae6f-455b-8fec-01288102ad7c&l_pb_bid_id=244e5ffc68e5cb57&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf&slots=1&rand=0.2382366169629775
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a58e69205055c3fd815573937c61233dad7c83e41f3bd35b0cc67e78eaa17627

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://anotepad.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
517
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.19.0&p=%5B%7B%22placement_id%22%3A%22anotepad_leaderboard_atf%22%2C%22callback_id%22%3A%22246d2437171dfe68%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%22%2C%22tid%22%3A%22a74d6db0-ae6f-455b-8fec-01288102ad7c%22%2C%22auctionId%22%3A%2287164ca3-2cd5-484a-a7f9-deb3a12e4682%22%7D%5D&page_url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&bust=1667825424998&dnt=false&description=aNotepad.com%20is%20your%20everyday%20online%20notepad.%20You%20can%20take%20notes%20and%20share%20notes%20online%20without%20having%20to%20login.%20You%20can%20use%20a%20rich%20text%20editor%20and%20download%20your%20note%20as%20PDF%20or%20Word%20document.%20Best%20of%20all%20-%20aNotepad%20is%20a%20fast%2C%20clean%2C%20and%20easy-to-use%20notepad%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&w=1600&h=1200&pubcid=bd48dedd-b4fa-45d4-a0f6-c38d9c05852d&tdid=aecd6e24-a5c6-432b-b87d-76314db61f68&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%2C%22rid%22%3A%22a597bcbc-1385-4d78-8f74-7bf79d17e038%22%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.9.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
697e4ad2c6a3705c5fec2202b39f7b6da877b9032fd982340968bcbc58f0d57e

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
content-encoding
gzip
vary
accept-encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
access-control-request-headers
Cache-Control, Pragma
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f3730a02&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8ccfc550c0f227d025190ddbd55abb5de07e0168ebdd27d02e5ce886fe64dcd9

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f0170a00&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
46dd068220961196933d80c89fa84869998c1c53cd17fd6ceae554b0db98375e

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a969412017474441319470184320795&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
af58233354d9837a58e05c594f01be2ea6dcd7150d70a34aaf4cd2994f59e103

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9698b40175759a19619dee240d0031&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&eidadserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
beabe065ca7212bcc65b1f83045ecbfcfd350318d2172b0d7a0437027c31ede1

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
62
trinity.json
apex.go.sonobi.com/ 		96 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22253f864f3b42044d%22%3A%225e9ece2f430c20b04dd1%7C970x250%2C970x90%2C728x90%2C336x280%2C300x250%7Cgpid%3D%2F15184186%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&s=32b0d903-08f7-4692-93c8-909e79b2b156&pv=3ec970c6-5b84-415e-af31-ec50eab0b5bb&vp=desktop&lib_name=prebid&lib_v=7.19.0&us=3&fpd=%7B%22site%22%3A%7B%22name%22%3A%22anotepad-com%22%2C%22domain%22%3A%22anotepad.com%22%2C%22cat%22%3A%5B%22IAB5%22%5D%2C%22sectioncat%22%3A%5B%22IAB5%22%5D%2C%22pagecat%22%3A%5B%22IAB5%22%5D%2C%22page%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df%22%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%2C%22rid%22%3A%22a597bcbc-1385-4d78-8f74-7bf79d17e038%22%7D%5D%7D&userid=%7B%22hadronId%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%2C%22tdid%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22aecd6e24-a5c6-432b-b87d-76314db61f68%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
23022383b3a03da01e4f749f771683df24f78b51c5e8bc405badf9f670d6601a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-56
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Mon, 07 Nov 2022 12:50:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
view
googleads4.g.doubleclick.net/pcs/ Frame 2F81 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLR_bHAYyZbYQX2K3XtIYnVtxzZ-BvRP1AXK478HFXUmZE-f5NA6fiZkVvKJog7QvbeoGf8Y-8D6pPyG8_Bb-dgbwZ2FwpdQAIvHyq4wKqJJSPfTX_8OnNy2nG0SAJM3xmKev2qNEtx98UfSNdchY9acdXp2JOTKoIwxa4iGyK0koPjp5eV6E6bdPC3XusW5oCCQ1QYyFi4IYx41je5QC64t86S9vvDzVCvQYZoqrrl4RyFOb9sHk5LS7y4GAWyN5J-ePblCv-BMTwC3mIoN-SuEdtY7O48aVvVKq4ZDz-TnXils3NvfhYIuMrkPB8HiJupwzyyt3aTWzVAWzZk2UBYYfI1MXO6A9pLNQwCILFVW5SRkMdkn3v_iPspJPARG_lz2_kvlmrQLNUFElLbShAOGcD36_oRm9LCRnkdpfKiJguu_UPQ2RAcZS6ohfg3tYasCKs9YgylHM5aSFrQFSSubV28T0x92DYnkP-iklwb4Irlh1FjGpuanJicchMMWaqOUfDrWnHY8NtjfGWg2FTwvhpVvuD1oM1tgi33tcW97hq76fzSdnLC8VGjH2jQbT3_V4Qbd0dMRVe0kmU4Go3DaGMKGPpBJPyx_OT73Fvov4kDKmfKrJV0nS6myCwO2Nz0xTlS7wMhgZISMxyKWYtRiHKt-wVxoQf8LJaiY0I5TB6biezBrfyAVCuMYc7qAJylb3MCsTt4qW_IMjvEQnolCGCllH9fSkRKcVh8o07gz37sr7ogiQBZpDM2bDu0GysoPUkGY_pDylUDa900Wi2bUQrNR_p9bJlb-yVxHi6h3NLn6fCDjggG4tb6WouOrC3lpYibxx5luoUlTWr1iiGuhm7J8ZjK7Cu1V3DTSwmRaxQUw-ORijDN_AoLl_fCr4kwE_m77Tukvuevmjue13UHdPgTeMm31IYiP-sgKYI_2ElAxEkMXFJ1QjhygjE-kuKQ1ssIiuHCX4zbpXPXEAaD67wgidbj-JuiAcnIu1fauNM7E4XPD2PmxUJNbn3C-zV4PwmPnqi4Kb5gEZPQfcovRqFWY2Yfa6YfEa-hzOAVVuvjbdrX2a54iX83Z-2JmBHklDPpzjSnmF9M02meNq4Kf5xXQ-8G6nr7B9UHNhLj6A7zuahNOLs_aE7egpjXVngpmkyi0XFMGxJYw&sai=AMfl-YQmiKH_VMrh2Df80dEEySpbYhWDLERkiWdSRfJMnfXgdCBe2828Kyfbhasnnql2A3_vXt4iEJ2b7jIGwkEsTR2A9MkrXk0AgmyUVUcpHS6jle3X3H3FwRMoAsVsmKj-gSdb0pOTdKhWzRASS0t6biiLwDCGB4zJ0EnYUMcpUOtlWxVCnldQ3QDmfX3B6vnUckUyDsFst5AQBQymFvQluzvRpNuwqLxuM1jbfYcuMx0wOCjTwB00_mcTRSY07Fs71rHfv91fX7Y&sig=Cg0ArKJSzIxHWAGUcs0GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1026&cbvp=1&cisv=r20221027.86986&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 07 Nov 2022 12:50:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 07 Nov 2022 12:50:25 GMT
13036425544047775440
s0.2mdn.net/simgad/ Frame 2F81 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13036425544047775440
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
4d19ba68a2d3c490f7586659e9db596c80cccc6752e00f02c4e2bf8f4b84af26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 17:23:09 GMT
x-content-type-options
nosniff
age
156436
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23304
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 22:47:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 Nov 2023 17:23:09 GMT
vbl.gif
pre.glotgrx.com/ Frame BA99 		26 B
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1667825425067&rnd=id8vwr0qnazq&ifm=1&uai=1&cid=1041&s=anotepad.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825423174&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.118.195 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 01:08:32 GMT
server
cloudflare
age
1937
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
766631cd294daaef-SYD
content-length
26
expires
Mon, 07 Nov 2022 14:50:25 GMT
nflrc.gif
pre.glotgrx.com/ Frame BA99 		26 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=166782542505341&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=anotepad.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=id8vwr0qnazq&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=6c47f21b1a604968adcb1eb2f7b68c9c&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=25&icp=https%253A//anotepad.com/&irfl=25&irf=https%253A//anotepad.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-12-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=23
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825423174&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.118.195 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 01:08:32 GMT
server
cloudflare
age
6558
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
766631cd294eaaef-SYD
content-length
26
expires
Mon, 07 Nov 2022 14:50:25 GMT
async_usersync
ib.adnxs.com/ Frame A2CF 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
AN-X-Request-Uuid
80d5f718-8cbc-4d15-a1d5-14549edba260
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hde.tynt.com/deb/ Frame 153A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privac...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
f8d47fbea9e025346a0ed19a739b08b214dc0dd99a7f6a82c1725b3381776218

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2178
content-type
text/html
date
Mon, 07 Nov 2022 12:50:27 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
async_usersync
ib.adnxs.com/ Frame 194C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
AN-X-Request-Uuid
844e54ad-6860-47f0-9973-8d1e0945fefb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vbl.gif
pre.glotgrx.com/ Frame F080 		26 B
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1667825425232&rnd=9yk3w3ij9zws&ifm=1&uai=1&cid=1041&s=anotepad.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825422608&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.118.195 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 01:08:32 GMT
server
cloudflare
age
1937
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
766631cd294faaef-SYD
content-length
26
expires
Mon, 07 Nov 2022 14:50:25 GMT
nflrc.gif
pre.glotgrx.com/ Frame F080 		26 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1667825425219934&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=anotepad.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=9yk3w3ij9zws&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=6c47f21b1a604968adcb1eb2f7b68c9c&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=25&icp=https%253A//anotepad.com/&irfl=25&irf=https%253A//anotepad.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-12-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=21
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1667825422608&secure=true&version=9&uuid=bbbd2e19-9bb4-41d0-8975-3079e1f0287a&title=Flight%20ticket%20price%20from%20Tehran%20to%20Najaf%20-%20Online%20Notepad&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.118.195 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 01:08:32 GMT
server
cloudflare
age
6558
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
766631cd2951aaef-SYD
content-length
26
expires
Mon, 07 Nov 2022 14:50:25 GMT
ecm3
s.amazon-adsystem.com/ Frame EBAF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bbKSG2YzRkywCiUijFUM7Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bbKSG2YzRkywCiUijFUM7Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bbKSG2YzRkywCiUijFUM7Q
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K4HEM88B5QW6DRN2YV57
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bbKSG2YzRkywCiUijFUM7Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EBAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/amZOOkLx5N1g2j81g5SqEQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9014975176109573877
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9014975176109573877
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 07 Nov 2022 12:50:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9014975176109573877
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EBAF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uHLWG2o0SiSeV3D5j9J3wQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uHLWG2o0SiSeV3D5j9J3wQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uHLWG2o0SiSeV3D5j9J3wQ
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BXPB5NN8TCZ0QEMFGMPC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uHLWG2o0SiSeV3D5j9J3wQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EBAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=ZDM4YzljNWEyMmNiODhkYzVlOWFlMDljYzQ4YjEzMjE3ZDg0NDU0Zg&google_cm
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFz_aoXEISYBSz9li5K3k-s&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2UzcxOFItSC1KRTFD&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2UzcxOFItSC1KRTFD&google_push=
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2UzcxOFItSC1KRTFD&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
tap.php
pixel.rubiconproject.com/ Frame EBAF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPy7hgK70Jd4nct3e9lkzq4&google_cver=1
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPy7hgK70Jd4nct3e9lkzq4&google_cver=1
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPy7hgK70Jd4nct3e9lkzq4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame EBAF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent=&expires=30
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame EBAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA6S718R-H-JE1C
0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA6S718R-H-JE1C
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F59EB9B1742C4DAEA2C26183648131F5 Ref B: SYD03EDGE1510 Ref C: 2022-11-07T12:50:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXs4N4cqLYnLob2X8S4mg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA6S718R-H-JE1C
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EBAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2UzcxOFItSC1KRTFD
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2UzcxOFItSC1KRTFD
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2UzcxOFItSC1KRTFD
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame AB46 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 08:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Nov 2023 08:29:33 GMT
async_usersync
ib.adnxs.com/ Frame 3B3E 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7125&pub_id=863137&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7125&pub_id=863137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
AN-X-Request-Uuid
b7b06a2c-632f-4d5d-b865-459da7e486f9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 14FC 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7125&pub_id=863137&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7125&pub_id=863137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
AN-X-Request-Uuid
a892fe99-0564-4737-ad0a-76fd7e7368ff
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncframe
gum.criteo.com/ Frame 29D7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anotepad.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://anotepad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:50:25 GMT
server
Kestrel
server-processing-duration-in-ticks
458270
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Nov 2022 12:50:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6755 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjMHdD_9oY_XfKqzez7sPi8qPsAEAAAAAOAHgBAI&bg=!UlGlURXNAAZPh4lnb4c7ACkAdvg8WqPWgAO1osKiff25AA_XJQ6WrxeGLqEneXZPc58cnGzZSGJm1AIAAAEVUgAAAAJoAQcKAJo0R4T9XfghwjBphBRckbZd-hmGO5jHiPrnx_ImPylhJba98RHaRlTsXbiZDuE296d0f_ctCjT2rN0WI2qF13NZcGwevyC11Dm1SzlyLGvEh6Ee9r3gkn-49kcEhtdagCp9TQjD_bYUREJeM25iHA0icA85IEBuoW0In-heoOMehc3hWVEmqbMLgtof8DEQVIvwIGMGVRgFjSMGmQL0UIKr7n5zlCtWKRhUMw_beUZLUdFCvL3U42VN3L--00xUR4W1wUDRgNRs9HDwL8b6TmKShawQbnjFYOTUGMDEKlcq77mN4eCvgyyndHSiFfEXA_c0qYqOFb4O-lMnOha8ixg1KXIrjsQX--D_iL71u2v4ZgWP0q_G8eFuMyEHsbovyJDm6LAONUFywBPEkA3jbTUoR-mZSQEQtnbrfpR1zPZOyciPr8x3W3PXGEae9AePH3P0_bNNvjCqOLrGhvcOcyY5zC-W8i9_-Qm6gkbpmxwEOYA6oZviP3S3C6gC-M8Gg2yPzZmp4vpvlipPNEODiD8zUe3rrnyO7nOC6hgLa7iG9FulYMDJ88MtZvaCvF_Q1u-u9nqBYJZkaat7ae6pEM4oY58QZdHs_tYat6RG0a6hoQORUMiFeiyL_v26snUuzG1VNxVh7XPOJZW9S8gOEb6tBh-bLIGlUvCuJA3Q2zmlv_uPcQyDDUmLlNQuINHJAFgsztsTzkni-p4rLS06xB6u_2kUs_ArsBbN_WRe1N1tIgqjI90qpDhbNwK1PS4uyeE6_2bB9HcQcIQKcEYFeKMdGhY5Pbn-QD_sIT0QQn-tKX7oq_qVSEpllvOOrNM1tE2WzTimWSgrri1WovGOMJAGkhhwKtuAkhsHuAO3SG6vVI6UI4WwVObiOcoQs4_LHn5-wP6B0BV9YwvlfCoqkrQRqhOxUIxbHavzk5P9gc0s5yeOfm1oCFdDc22NGpT-sgnUMPLT8WmL74H5GSk2z4CXdY2HtYbKSnlussQDOF80Kd0Nt-JejEUHKhj4NWB80pUmf_vbq7KjoL97IW3UFqJjtcJXfx66WRKhEkphd8dwyn1s8HImYSB82bqNUQFUFjSmgv6F6Cqu8qVhhl4IaGTZ65X9dlouWd70arXUoc7uh5kiDJIEh3iBgjUPko_w0HZURxagK8yS5WYlxF_cjLaZoStVZ8e_qOk4KaBOGCLtVWv4-zhnrOAOvi0OOiXMhCVw
Requested by
Host: 126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
URL: https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0E54
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2j-ELQHPsPZv3bjUYpljgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0E54
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417425&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417425&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417425&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 0E54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q69CKOnmVUPeW9ikYPxAWLvw2BrPp7j4rrM6ecvog30DKzvlz3gBieoehhY6P%2BKuskWuyBD2F%2BsNGbRQWiohmSMfcpzM3mXwkpiDQc3WgDiEatoCdo6eXMOECM7vQVEl8iGheO79uMc1%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
766631cf2c8cee96-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0E54
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3P4C6AWSWN2WT35GGZA2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GM2NGWFE3ZWT82EMDDN6
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0E54
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
13.229.186.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-186-111.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y2j_EAd7Z_oQdoUVVA8JQQAAEmQAAAIB
date
Mon, 07 Nov 2022 12:50:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 0E54
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3e116b3e-d2a7-036e-2abdccb7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3e116b3e-d2a7-036e-2abdccb7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Mon, 07 Nov 2022 12:50:26 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3e116b3e-d2a7-036e-2abdccb7
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
rum
dsum-sec.casalemedia.com/ Frame 0E54
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=NtxKD2aJTQYt1kgPNY1RAmKJGFItiU9TOd8phXua
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=NtxKD2aJTQYt1kgPNY1RAmKJGFItiU9TOd8phXua
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=NtxKD2aJTQYt1kgPNY1RAmKJGFItiU9TOd8phXua
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum.casalemedia.com/ Frame 0E54
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1447531807871813638
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1447531807871813638
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHvpn4owXvwd%2Fw4R89kaGpO3aa9DnulADvc7T99M%2FALJDrxXzBvis9%2Bw9uWmv6DRtGSX4WNk%2BjOan9T12rMzhr0YGvxJy34EIEphIm2eJCl9EB5zZYpmYfNcLDxVQJef33XcGsJ2"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
766631d27e79ee9a-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
AN-X-Request-Uuid
47e5ce3c-0c2a-48ef-9f1b-c67cb12e44e9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1447531807871813638
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0E54 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y2j-EAd7Z-oQdoUVVA8JQQAA%264708
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
51636
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
766631d36d50a977-SYD
content-length
43
expires
Tue, 08 Nov 2022 12:50:26 GMT
rum
dsum-sec.casalemedia.com/ Frame 8857
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417426&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417426&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417426&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 8857
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvAnQDHjPnSt44UqxV7fPLeCbIVOOHggkV0gZAwblTMM4CYjh%2BrI1VJ8YAW73V0HViGmy%2B6cjeKHTFcli6NKtb03%2F69fUpcEsblChRJ%2B4hJdo4Qtc%2FRUi4DAHXdqFIcEYH3qbVA39qnHRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
766631cefc79ee96-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8857
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RYPS5XMXNMBEGB91EY0W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PT9CW62GQ4S9KWFTJFXR
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8857
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2j-ELQHPsPZv3bjUYpljgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 8857 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.237.110 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-237-110.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame 8857 		43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Y2j-ELQHPsPZv3bjUYpljgAA%265314&gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.27.123.25 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-27-123-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1667825426316004-42
Expires
Mon, 07 Nov 2022 12:50:26 GMT
crum
dsum-sec.casalemedia.com/ Frame 8857
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683463826&external_user_id=e5942ac9-15b6-4f9f-a1d0-c65df4a77304
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683463826&external_user_id=e5942ac9-15b6-4f9f-a1d0-c65df4a77304
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Mon, 07 Nov 2022 12:50:26 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683463826&external_user_id=e5942ac9-15b6-4f9f-a1d0-c65df4a77304
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 8857
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VqA0OO2CTj1jmXkEhs-heHRaSss
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VqA0OO2CTj1jmXkEhs-heHRaSss
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VqA0OO2CTj1jmXkEhs-heHRaSss
Date
Mon, 07 Nov 2022 12:50:25 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
sync
usr.undertone.com/userPixel/ Frame 8857 		0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
DarxfZ4zSTnC9obOyye_vHUXcyynyx5bDQXIoYrryZOIELRIVk1kFw==
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
truncated
/ Frame 507E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dc0855f082f5c9a1f2993fd2a0ab84a9c0e57f59881ffd7330578ec1cc294f6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
match
c1.adform.net/serving/cookie/ Frame CA9E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent=
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
sync
usr.undertone.com/userPixel/ Frame C1D6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fecc6368-ff0f-4500-8782-ef9de7e74b2d&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Mon, 07 Nov 2022 12:50:27 GMT
server
istio-envoy
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
x-amz-cf-id
rcoDiz_eFrY0EwVJVKtrzzpcYWI7fBct9H-b2iWkZyj0rkfTpE4A1Q==
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 5BCB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2j-EgAGTIs6agAO&gdpr=0&gdpr_consent=&_test=Y2j-EgAGTIs6agAO
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 07 Nov 2022 12:50:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
usr.undertone.com/userPixel/ Frame DF6B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1447531807871813638&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Mon, 07 Nov 2022 12:50:27 GMT
server
istio-envoy
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
x-amz-cf-id
RtVi7aw8AnkcCL-hbvfQAZFn2OUhejpb4oUa3L9IkL_GFEg2-lTYHw==
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
usr.undertone.com/userPixel/ Frame 23DB
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xq51zsjdhgk
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Mon, 07 Nov 2022 12:50:27 GMT
server
istio-envoy
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
x-amz-cf-id
3md2H40ckqTrAbGuyFNrmvZfGBWS9tBuZJnIXAumQMhwpzt2YNVddg==
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
usr.undertone.com/userPixel/ Frame 8A1C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x7-2Q5fqsUrc7bdNxuqtTsO64h3ctLRNwO5_Itiu
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Mon, 07 Nov 2022 12:50:27 GMT
server
istio-envoy
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
x-amz-cf-id
bMg8i1QvoyeZ3s0l4z-XPSt4XLVMqXtQYznHbLcR5MT-LlawTBYTTw==
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame 8F81 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:50:25 GMT
expires
Mon, 07 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
248184
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
sync
usr.undertone.com/userPixel/ Frame BE86
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JuyJllLzRP5fddEZArGtwXRaSss
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Mon, 07 Nov 2022 12:50:27 GMT
server
istio-envoy
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
x-amz-cf-id
gCNgcmZEnoOZsixGW4qM2tfg9V71gG3QkmGEwtFuibJedwtUiBNhBw==
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 1C7A 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Nov 2022 12:50:26 GMT
Pragma
no-cache
Server
nginx
expires
-1
sync
usr.undertone.com/userPixel/ Frame CAAF
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hUCdsSvsBUCtDCbFEv9oYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Mon, 07 Nov 2022 12:50:27 GMT
server
istio-envoy
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
x-amz-cf-id
qs16MF9oqFRE2lAN_FTEOMdqM0Bcr_NV2xZj8rdM1Zx_y-P8ulHDwQ==
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
usr.undertone.com/userPixel/ Frame 4D76
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=15989db9f61442c79a4145281c70897b
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Mon, 07 Nov 2022 12:50:26 GMT
server
istio-envoy
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
x-amz-cf-id
kJm-G-bFAkO3JbDkIKQuMLyd56oWoXL08GKiEEYZ4B145OLs6ukvBQ==
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pxd
dps.jp.cinarra.com/ Frame BBA6 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.223.79 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-223-79.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Mon, 07 Nov 2022 12:50:26 GMT
sync
usr.undertone.com/userPixel/ Frame 4075
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EMAmbLl81OS1A55&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Mon, 07 Nov 2022 12:50:27 GMT
server
istio-envoy
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
x-amz-cf-id
Cje_wlHK-ga4irjDA6yXW4Bpjj16JU7HlC7PSMYyuHiA5xPXD4JMnA==
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
bridge
cm.adgrx.com/ Frame 2FB0 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.14.27 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
i.match
s.tribalfusion.com/z/ Frame 722F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
766631d1d976fb98-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
766631d028abfb98-AKL
content-type
text/html
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
117
cookiesync
core.iprom.net/ Frame B076 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Nov 2022 12:50:27 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-64430c1c6d45@version_1.530v2
X-core-time
0ms
X-server-arch
v2
/
csync.loopme.me/ Frame 7CA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
176.236.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
server
_
141
match.deepintent.com/usersync/ Frame 3018 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Mon, 07 Nov 2022 12:50:26 GMT
server
a
ImgSync
image8.pubmatic.com/AdServer/ Frame 724E
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5CD9ABE038A94558A4EDA8DC9C7BD82B&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 07 Nov 2022 12:50:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 07 Nov 2022 12:50:26 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BAF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i-8BdLZKTg6CIxwUGvemOw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:25 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=43749
accept-ranges
bytes
content-length
5549
expires
Tue, 08 Nov 2022 00:59:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame BAF0
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://pippio.com/api/sync?pid=5324&it=1&iv=565a60a2125d62208428c469df44259f06262657d7aa6a246b16bda1c95d8ffa791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1NjVhNjBhMjEyNWQ2MjIwODQyOGM0NjlkZjQ0MjU5ZjA2MjYyNjU3ZDdhYTZhMjQ2YjE2YmRhMWM5NWQ4ZmZhNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1NjVhNjBhMjEyNWQ2MjIwODQyOGM0NjlkZjQ0MjU5ZjA2MjYyNjU3ZDdhYTZhMjQ2YjE2YmRhMWM5NWQ4ZmZhNzkxNDI2YjU0MTdkY2UyMRAAGgwIkv6jmwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=2218b310-3bed-4d17-a611-7e4f5f07a76d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=2218b310-3bed-4d17-a611-7e4f5f07a76d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=2218b310-3bed-4d17-a611-7e4f5f07a76d
date
Mon, 07 Nov 2022 12:50:27 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame BAF0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fecc6368-ff0f-4500-8782-ef9de7e74b2d
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fecc6368-ff0f-4500-8782-ef9de7e74b2d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 07 Nov 2022 12:50:25 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fecc6368-ff0f-4500-8782-ef9de7e74b2d
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 07 Nov 2022 12:50:24 GMT
sync
usr.undertone.com/userPixel/ Frame BAF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEJFRjAxNzQtQjY0QS00RTBFLTgyMjMtMUMxNDFBRjdBNjNC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
content-length
0
x-amz-cf-id
Ua4mqiW8FjwEnbecg3R2Z5UEYOoc5ItUO8D2MUqLLHsxQOwGcZ7rTg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame BAF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK_0jnOvaTjmfRy-Lmwt59A&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
EhAQYxleza3oSFmWCVfw7qd_AmDk3PEIArPqp1agIqCsQgKX7bRRTw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame BAF0
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EFB58C39959848CF98FAFE5E90FBBA3A
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
8BEF0174-B64A-4E0E-8223-1C141AF7A63B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BAF0 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8BEF0174-B64A-4E0E-8223-1C141AF7A63B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.186.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-186-111.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
usr.undertone.com/userPixel/ Frame BAF0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aecd6e24-a5c6-432b-b87d-76314db61f68&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
28lNTWVeF2xw9POSpvw1oxrSq-FCp5CaWRtNscZgqtdvMxDTYuB7sA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame BAF0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6175201927420910676
42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6175201927420910676
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6175201927420910676
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
SPug
image4.pubmatic.com/AdServer/ Frame BAF0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7osKyzxE2uV2NV5nR88USJ_7vlKf8s0-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7osKyzxE2uV2NV5nR88USJ_7vlKf8s0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7osKyzxE2uV2NV5nR88USJ_7vlKf8s0-~A&gdpr=0&gdpr_consent=
date
Mon, 07 Nov 2022 12:50:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame BAF0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fc240e64-2c43-4293-a491-f4a75f6549c2
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fc240e64-2c43-4293-a491-f4a75f6549c2
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5a23bee7-cf80-482b-83af-8635d41aecd9&user_group=1&ssp=pubmatic&bsw_param=fc240e64-2c43-4293-a491-f4a75f6549c2
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fc240e64-2c43-4293-a491-f4a75f6549c2&gdpr=&gdpr_consent=&gdpr_pd=
1 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fc240e64-2c43-4293-a491-f4a75f6549c2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 07 Nov 2022 12:50:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fc240e64-2c43-4293-a491-f4a75f6549c2&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 07 Nov 2022 12:50:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame BAF0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2666033777751808314&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame BAF0
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=167d5ef7982920a8&is_secure=true&networkId=17100&version=1&nuid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmhe7Dh2e-gNIpIfVAAAAAAA&expiration=1667911827&nuid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 07 Nov 2022 12:50:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame BAF0
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1447531807871813638
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1447531807871813638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Nov 2022 12:50:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:27 GMT
AN-X-Request-Uuid
28cce2a5-0e0b-4ed9-bb85-fc45733ca304
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1447531807871813638
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame BAF0 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.116.136 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-116-136.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:27 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
dcm
s.amazon-adsystem.com/ Frame 6D0D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EOPXzZ1yIvSljRgADwAAEpIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EOPXzZ1yIvSljRgADwAAEpIAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EOPXzZ1yIvSljRgADwAAEpIAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T5NYXZDJWZY2CTNMKA0E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B2YB0E7Z4A5BHFTTH7AH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2j_EOPXzZ1yIvSljRgADwAAEpIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6D0D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2j-EOPXzZ1yIvSljRgADwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4SQa1OALnhuyPoYIq7Y6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D0D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417426&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417426&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expiration=1670417426&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 6D0D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2j_EOPXzZ1yIvSljRgADwAAEpIAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSavvumPpCs%2BRYa5Z6D2j%2FnAE7uFoAHet7qNnMmX3KbYWtsbrt3m86NF2M%2F%2BMkcL3HgvsTK3n2pH%2FDAMSpFSlqPsJ0Ev7xBFdgavvDLOjoCOUwD99n3vY0vGjKkKbL3R0E5hCBSr30iaiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
766631cfbcc0ee96-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBDtyP-HU6-URD6w5BUhMr0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 6D0D 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.237.110 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-237-110.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 6D0D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2666033777751808314
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2666033777751808314
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2666033777751808314
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6D0D
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9B4E31979F8D4E72B480B22951A5C75C
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9B4E31979F8D4E72B480B22951A5C75C
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Mon, 07 Nov 2022 12:50:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9B4E31979F8D4E72B480B22951A5C75C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 06 Nov 2022 12:50:26 GMT
demconf.jpg
dpm.demdex.net/ Frame 6D0D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y2j-EOPXzZ1yIvSljRgADwAA%264754?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2j-EOPXzZ1yIvSljRgADwAA%264754
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2j-EOPXzZ1yIvSljRgADwAA%264754
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.41.79.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-79-126.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-00e7d2ee8.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
we3guUoeR4k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v041-0a0ce6a7d.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
P5YonyI4TVc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2j-EOPXzZ1yIvSljRgADwAA%264754
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6D0D 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y2j-EOPXzZ1yIvSljRgADwAA%264754
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fanotepad.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
51636
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
766631d36d52a977-SYD
content-length
43
expires
Tue, 08 Nov 2022 12:50:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 507E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstc67ZjXJ02EXRYl9Fa4nqmmjP5Tie31c0K9qgiWn2PHGEg79B__z2B4oyy3dM2M3Rt1HaWSiSt-bmkmdQtl8IY5kKZox5u1i98h27btNLX0lBryrPTx1QqN1Ts9zOYD0WiARgP7_IwkUY5cNQ3YfkssZL806l7JJEUA0UZIOUQrlFRixrbOMp3XRw1drhd6stN1HoysWsltOCmXsrE2KMRpF6zT-immJXcf6XeFBVwFNVMilm124_q3IFiprcQfnDsjaKXGacR1qQkXWyeCS2MM3oWh4KBQVES5cBtUnl8Rogpr5IpCWsHM7wv0kb2Rff877xyplgs543nZE4&sai=AMfl-YQQ2KC1CHh54Xfs0K2EjXTLVGwKplUn-vbbfkYxhfkcsNGG-d15FPRfU_wwqyizPgmBgU6lNVR_D7bJ9IwvHlSYvsMyS6y1vgnrsvFQbQYRhvU8zco8ZCf_gjKDVILa&sig=Cg0ArKJSzEmqwEY51M2yEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 07 Nov 2022 12:50:26 GMT
controller
ssl.connextra.com/servlet/ Frame 1DC1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/Videoslots/selector/client?client=Videoslots&placement=DDM_APN_CAS_ACQ_NZ_300x250&_cb=708776318&apnauc=6395989821403982122&bidid=6395989821403982122&dspid=3bc1d7fd2e&tclk=https://lax1-ib.adnxs.com/click?pCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA./bcr=AAAAAAAA8D8=/cnd=%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNMQVgxOjU1Mzc=/bn=93919/clickenc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5063b22e5e007930bc8e65d480e2bf5829183aebd7e0cb22ae6223a117f0bdc

Request headers

Referer
https://ssl.connextra.com/Videoslots/selector/client?client=Videoslots&placement=DDM_APN_CAS_ACQ_NZ_300x250&_cb=708776318&apnauc=6395989821403982122&bidid=6395989821403982122&dspid=3bc1d7fd2e&tclk=https://lax1-ib.adnxs.com/click?pCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA./bcr=AAAAAAAA8D8=/cnd=%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNMQVgxOjU1Mzc=/bn=93919/clickenc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-length
952
content-type
text/html;charset=UTF-8
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
Mon, 07 Nov 2022 12:59:02 GMT
vary
Accept-Encoding
x-served-by
vlp-cxtadsrv14.connextra.net
usync.js
eus.rubiconproject.com/ Frame 3761 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d621a2a8897ad3e6f3dcac6c188926f5db6ac256b62aea1826cfdfc4fd01069

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 12:50:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Nov 2022 10:40:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=78615
Connection
keep-alive
Content-Length
9884
Expires
Tue, 08 Nov 2022 10:40:41 GMT
json
gum.criteo.com/sid/ Frame 29D7 		447 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=anotepad.com&sn=ChromeSyncframe&so=0&topUrl=anotepad.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anotepad.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4f970364ff0e0256fe3c5f2faf96150728351896c893541a14b49913ea655b55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anotepad.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1271073
expires
0
async_usersync
ib.adnxs.com/ Frame A2CF 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
AN-X-Request-Uuid
4d43ce85-0ecc-407f-b0c8-afe17eb61ae8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/ 		0
0
sync
usr.undertone.com/userPixel/ Frame 3761
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LA6S718R-H-JE1C
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LA6S718R-H-JE1C
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LA6S718R-H-JE1C
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
zqOTWGPvuKr7KG4NAuu9PWcH6zVJsp4j84ajn1s8fQEiNPZdYtlCMA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LA6S718R-H-JE1C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=87164ca3-2cd5-484a-a7f9-deb3a12e4682&cid=&crid=447851162|447851162|447851162|447851162|447851162&adunit_count=5&dn=anotepad.com&requrl=https://anotepad.com/notes/32ay37df&istop=true&event=client_timeout&value=5&rd=1200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-161.pacnet.net
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:27 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 07 Nov 2022 12:50:27 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anotepad.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		659 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=967245702941916&correlator=1454151402568425&eid=31068458%2C31070683%2C31070742%2C31070232&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=15184186%3A21641952176%2Canotepad_leaderboard_atf&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C300x250%7C970x250%7C336x280&ifi=6&adks=610960399&sfv=1-0-39&ris=3&rcs=1&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26floors_id%3Dtimeout%26floors_hour%3D12%26floors_user%3D0%26fs_placementName%3Danotepad_leaderboard_atf%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26auctionId%3D36014845-350e-467d-958f-d3e2eee61f8e%26freestar_path%3D%252Fnotes%252F32ay37df%26freestar_domain%3Danotepad.com%26custom_bidder_size%3Dappnexus_970x90%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.21%26hb_adid%3D170a6f56d21963c3%26hb_bidder%3Dappnexus&eri=1&cust_params=user-agent%3DChrome&sc=1&cookie=ID%3D39b5baa458c18c00%3AT%3D1667825420%3AS%3DALNI_Mb5SB_zKHLPE10idr1M4wz41ieD4w&gpic=UID%3D00000b772d25a617%3AT%3D1667825420%3ART%3D1667825420%3AS%3DALNI_MYyJwUMnzfsi3gcI5yyRUpCZRLZbw&abxe=1&dt=1667825426197&lmt=1667825426&dlt=1667825413834&idt=5497&adxs=436&adys=339&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&frm=20&vis=1&psz=1115x280&msz=1115x-1&fws=4&ohw=1115&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9B0WFTPdp2fsH3q6pmY_DgyU60tBhBkZRKZgdtDRDJiBFfDFgyeiC1488vxutUL7omjbvF2QFPeUtxeT-zO0NJXKlr8&ga_vid=1744394758.1667825417&ga_sid=1667825420&ga_hid=974140358&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY6JuRkcUwSABSAghqEhQKBW9wZW54GNmUkZHFMEgAUgIIZBIZCgp1aWRhcGkuY29tGO6dkZHFMEgAUgIIbxIbCgxpZDUtc3luYy5jb20Y1aGRkcUwSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
035633d67cd79df5553a58f4f0667fa7058346e228128a1191db1a0bb3081570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 194C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
AN-X-Request-Uuid
5b0efeb6-9425-4740-9a97-a8c07e8e872e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3B3E 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7125&pub_id=863137&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7125&pub_id=863137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
AN-X-Request-Uuid
58844f3d-70ab-4a84-9411-8dbba31ab179
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
controller
ssl.connextra.com/servlet/ Frame BCEA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/Videoslots/selector/client?client=Videoslots&placement=DDM_APN_CAS_ACQ_NZ_300x250&_cb=708776318&apnauc=6395989821403982122&bidid=6395989821403982122&dspid=3bc1d7fd2e&tclk=https://lax1-ib.adnxs.com/click?pCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA./bcr=AAAAAAAA8D8=/cnd=%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNMQVgxOjU1Mzc=/bn=93919/clickenc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5063b22e5e007930bc8e65d480e2bf5829183aebd7e0cb22ae6223a117f0bdc

Request headers

Referer
https://ssl.connextra.com/Videoslots/selector/client?client=Videoslots&placement=DDM_APN_CAS_ACQ_NZ_300x250&_cb=708776318&apnauc=6395989821403982122&bidid=6395989821403982122&dspid=3bc1d7fd2e&tclk=https://lax1-ib.adnxs.com/click?pCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA./bcr=AAAAAAAA8D8=/cnd=%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNMQVgxOjU1Mzc=/bn=93919/clickenc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-length
952
content-type
text/html;charset=UTF-8
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
Mon, 07 Nov 2022 12:59:02 GMT
vary
Accept-Encoding
x-served-by
vlp-cxtadsrv14.connextra.net
async_usersync
ib.adnxs.com/ Frame 14FC 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7125&pub_id=863137&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7125&pub_id=863137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:26 GMT
AN-X-Request-Uuid
0b1b1025-e550-4214-b60c-85ad28898b57
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Advert_v2.css
ssl.connextra.com/services/ActiveAd/ Frame 1DC1 		412 B
422 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/Advert_v2.css
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
243ffb98099f4879764870b76b08cf1d85731b18d05c1b84fd4068af8af780c6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
content-encoding
gzip
last-modified
Tue, 31 Jul 2012 15:34:33 GMT
server
AkamaiNetStorage
etag
"48e322b48aeb3e54d346a6c2a0f81a7a:1343748890"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
248
Utils_v9-long.js
ssl.connextra.com/services/ActiveAd/ Frame 1DC1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2010 11:57:50 GMT
server
AkamaiNetStorage
etag
"159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
1742
Flipper_v1-long.js
ssl.connextra.com/services/ActiveAd/ Frame 1DC1 		918 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/Flipper_v1-long.js
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7879b6a7897077d50bf41c9afd92664e4b47b3751a0ed2121a5bdc3a10baddec

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2010 11:57:41 GMT
server
AkamaiNetStorage
etag
"0dbe272b8ed7fdbb6ca0e797396869ae:1275911861"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
425
633da6863b59743d4efca8ec
c.bannerflow.net/a/ Frame 1DC1 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3baa098d18318635306ba697d04cf9cce6894d1e9aa7202b05987960f7f3ea40

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
date
Mon, 07 Nov 2022 12:50:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
766631d79941a94f-SYD
content-type
application/javascript
view
googleads4.g.doubleclick.net/pcs/ Frame 2F81 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLR_bHAYyZbYQX2K3XtIYnVtxzZ-BvRP1AXK478HFXUmZE-f5NA6fiZkVvKJog7QvbeoGf8Y-8D6pPyG8_Bb-dgbwZ2FwpdQAIvHyq4wKqJJSPfTX_8OnNy2nG0SAJM3xmKev2qNEtx98UfSNdchY9acdXp2JOTKoIwxa4iGyK0koPjp5eV6E6bdPC3XusW5oCCQ1QYyFi4IYx41je5QC64t86S9vvDzVCvQYZoqrrl4RyFOb9sHk5LS7y4GAWyN5J-ePblCv-BMTwC3mIoN-SuEdtY7O48aVvVKq4ZDz-TnXils3NvfhYIuMrkPB8HiJupwzyyt3aTWzVAWzZk2UBYYfI1MXO6A9pLNQwCILFVW5SRkMdkn3v_iPspJPARG_lz2_kvlmrQLNUFElLbShAOGcD36_oRm9LCRnkdpfKiJguu_UPQ2RAcZS6ohfg3tYasCKs9YgylHM5aSFrQFSSubV28T0x92DYnkP-iklwb4Irlh1FjGpuanJicchMMWaqOUfDrWnHY8NtjfGWg2FTwvhpVvuD1oM1tgi33tcW97hq76fzSdnLC8VGjH2jQbT3_V4Qbd0dMRVe0kmU4Go3DaGMKGPpBJPyx_OT73Fvov4kDKmfKrJV0nS6myCwO2Nz0xTlS7wMhgZISMxyKWYtRiHKt-wVxoQf8LJaiY0I5TB6biezBrfyAVCuMYc7qAJylb3MCsTt4qW_IMjvEQnolCGCllH9fSkRKcVh8o07gz37sr7ogiQBZpDM2bDu0GysoPUkGY_pDylUDa900Wi2bUQrNR_p9bJlb-yVxHi6h3NLn6fCDjggG4tb6WouOrC3lpYibxx5luoUlTWr1iiGuhm7J8ZjK7Cu1V3DTSwmRaxQUw-ORijDN_AoLl_fCr4kwE_m77Tukvuevmjue13UHdPgTeMm31IYiP-sgKYI_2ElAxEkMXFJ1QjhygjE-kuKQ1ssIiuHCX4zbpXPXEAaD67wgidbj-JuiAcnIu1fauNM7E4XPD2PmxUJNbn3C-zV4PwmPnqi4Kb5gEZPQfcovRqFWY2Yfa6YfEa-hzOAVVuvjbdrX2a54iX83Z-2JmBHklDPpzjSnmF9M02meNq4Kf5xXQ-8G6nr7B9UHNhLj6A7zuahNOLs_aE7egpjXVngpmkyi0XFMGxJYw&sai=AMfl-YQmiKH_VMrh2Df80dEEySpbYhWDLERkiWdSRfJMnfXgdCBe2828Kyfbhasnnql2A3_vXt4iEJ2b7jIGwkEsTR2A9MkrXk0AgmyUVUcpHS6jle3X3H3FwRMoAsVsmKj-gSdb0pOTdKhWzRASS0t6biiLwDCGB4zJ0EnYUMcpUOtlWxVCnldQ3QDmfX3B6vnUckUyDsFst5AQBQymFvQluzvRpNuwqLxuM1jbfYcuMx0wOCjTwB00_mcTRSY07Fs71rHfv91fX7Y&sig=Cg0ArKJSzIxHWAGUcs0GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2532&vt=11&dtpt=1506&dett=3&cstd=2532&cisv=r20221027.86986&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/32ay37df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 07 Nov 2022 12:50:26 GMT
728x90_aws_banner.html
s0.2mdn.net/sadbundle/15382550933627157751/728x90/ Frame 6BFA 		76 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15382550933627157751/728x90/728x90_aws_banner.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
2ae3b1224d2c754bd0627c99c168f2a55f0b7245e03dd9148959142a5b29c95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
156437
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
15903
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 05 Nov 2022 17:23:09 GMT
expires
Sun, 05 Nov 2023 17:23:09 GMT
last-modified
Mon, 26 Sep 2022 22:47:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
Advert_v2.css
ssl.connextra.com/services/ActiveAd/ Frame BCEA 		412 B
422 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/Advert_v2.css
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
243ffb98099f4879764870b76b08cf1d85731b18d05c1b84fd4068af8af780c6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
content-encoding
gzip
last-modified
Tue, 31 Jul 2012 15:34:33 GMT
server
AkamaiNetStorage
etag
"48e322b48aeb3e54d346a6c2a0f81a7a:1343748890"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
248
Utils_v9-long.js
ssl.connextra.com/services/ActiveAd/ Frame BCEA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2010 11:57:50 GMT
server
AkamaiNetStorage
etag
"159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
1742
Flipper_v1-long.js
ssl.connextra.com/services/ActiveAd/ Frame BCEA 		918 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/Flipper_v1-long.js
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7879b6a7897077d50bf41c9afd92664e4b47b3751a0ed2121a5bdc3a10baddec

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2010 11:57:41 GMT
server
AkamaiNetStorage
etag
"0dbe272b8ed7fdbb6ca0e797396869ae:1275911861"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
425
633da6863b59743d4efca8ec
c.bannerflow.net/a/ Frame BCEA 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3baa098d18318635306ba697d04cf9cce6894d1e9aa7202b05987960f7f3ea40

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
date
Mon, 07 Nov 2022 12:50:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
766631d79942a94f-SYD
content-type
application/javascript
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 6BFA 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15382550933627157751/728x90/728x90_aws_banner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15382550933627157751/728x90/728x90_aws_banner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
472
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:42:34 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6BFA 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15382550933627157751/728x90/728x90_aws_banner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15382550933627157751/728x90/728x90_aws_banner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Nov 2022 12:50:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2F81 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSEoUTATzOob0T6TWgtEJ_MizlqgfmyllpVhllo442ITPcSLhH8y8W_0hcgdSpYic_lY8sq9rDrAJZDfVP4BCot589K7zubJKAVbQzoiR8LRfwEDeSDJrdbHpkWcOaaDPz16Q&sai=AMfl-YRddFcvLJstSKgbxOy2AOJ3_CS-rPhrVpGt5eMbr73KCJARbmNTrfBJf2hzP_fV1YkU5TjtYliMkLsBbszEB1jFsJ6TZ9TzYVRxxJtoLtHNlWawCyCHGfGcfXCohA&sig=Cg0ArKJSzJSq0dinrGJnEAE&cid=CAQSOwDq26N9jnVh0K0RzDFri3phks2npsPOcRYFFRb7m6_XCGsRq9JUOE5vNfW95syPKnz0TqtRJazxd9L6GAEgDg&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=317,1000,1000,1000,1000&tos=317,683,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1723632371&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667825423315&rpt=2514&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
setuid
s2s.t13.io/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sortable
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fc240e64-2c43-4293-a491-f4a75f6549c2&ssp=sortable&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524138275672831780&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=10f90be7-2fc3-48af-b44a-471735ad387f&ssp=sortable&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524138275672831780&ssp=sortable&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207460804328003677870&ssp=sortable&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524138275672831780&ssp=sortable&gdpr=&gdpr_consent=
  • https://s2s.t13.io/setuid?bidder=bidswitch&gdpr=&gdpr_consent=&us_privacy=&uid=fc240e64-2c43-4293-a491-f4a75f6549c2
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=bidswitch&gdpr=&gdpr_consent=&us_privacy=&uid=fc240e64-2c43-4293-a491-f4a75f6549c2
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:30 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Location
//s2s.t13.io/setuid?bidder=bidswitch&gdpr=&gdpr_consent=&us_privacy=&uid=fc240e64-2c43-4293-a491-f4a75f6549c2
Date
Mon, 07 Nov 2022 12:50:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
vevent
lax1-ib.adnxs.com/ Frame 8F06 		0
834 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&e=wqT_3QLdFvDeXQsAAAMA1gAFAQiO_qObBhCq0rHertvH4VgYhpCdyqjQqosUKjYJpCTON1n53D8RdQNdqcEpzj8ZAAAAAClcCUAhKSIamdvP0T8psmg6Oxkc4T8xAAAAoJmZuT8wzc_nCjjVN0CYOUgCUK_2prkBWL69Q2AAaJi7XHjf3QWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMTQ4MzE1NSwgMCk7dWYoJ2knLCA3NjczMTk3LCAwKTt1ZignZwEoIDkxNTI3NTksIA0pMHMnLCAyNzg3NTM1ODUVFjByJywgMzg4NjEwODYzBRbwi5ICwQ4hc0lhN3JBakJpZWNaRUtfMnBya0JHQUFndnIxRE1BSTRBRUFBU0pnNVVNM1A1d3BZQUdELUJHZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JaUUQ0RkI0YzRUX0JBV1VBLUJRZUhPRV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FlMnExQVAxQWVPLWd6LVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElzc2F0SlJBTEdBSXRBAUPoTG9EQ1V4QldERTZOVFV6Ti1BRDJTLUFCUGlNeWdtSUJQeU15Z21RQkFHWUJBR2dCQlNxQk04SENQX18VAgh3RVEVDBRfX19BUmoBBw0BDDhCSVANCwEBCHdFbwEHEQEIQVREEQsUX19fOEJPMiwABEZBARYRAQRBVTZYAABVNiwAAFkRKAEBBEFXNlgAAGE2LAAAdwEkEQEEQVg2WAAIZ0FIERsFlABpOhAAAGs6EAAgbUFIRnc1TUJvOhgAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQUwB8Q0BCDhCaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAEZ0EuJQIhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FULfwBASEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVgB-Q0BIQA2EAAAazoQAABtOhAACHdRUaFSCQEITWtFCQkBARhEWUJBRHhCAQsNAVxpQVdoSzVBRi12cy1tQVd4NHZXRUFha0YNHxRBOEQteEIBT1BHQnZjdXNfd1FYTnpNeHMzSGZ3UDguKAAEX1IFKA0BCDJRVQ0KyER3UC1BRjNLRUQ4QVgzX3BBSi1BV1R3MXFDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabQECLGUwX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhdHhVTVVROkUHNEw2OVF5QUFLQUF4bXBtAWsUWjdUODZDLn0GFDBEWkwwaw1zDER3UDE9RABGERgMQUFBRx0YAEcdGABIHRgMSGdBaS5ZB_DXdy4u2AKeSOACzdtX6gIjaHR0cHM6Ly9hbm90ZXBhZC5jb20vbm90ZXMvMzJheTM3ZGaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APFw5MB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTExNi45MC43NC4yMDOoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNMQVgxOjU1MzfaBAIIAeAEAfAEr_amuQGIBQGYBQCgBf___________wHABQDJBQAADpkJFPA_0gUJCQEKAQG42AUB4AUB8AX08SX6BQQIABAAkAYAmAYAogYONzEyNSNMQVgxOjYzMDK4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCPr7PhKAATF4Tm1RbG8hithEQUFrQ0JRRUktdHZJQmhDYjBic0NHSTM0eFFJZ0J5Z0FRSy1TcndWSTZMU3ZCVkRaTDFpZU1YNqgBAGc1qAxBQUFJGkEJLEpvQkFnZ0FxQUVBcy4gADxBLi6ABwGIBwCgBwG6Bw8IBaAAICFNLIwWQADIB9_dBdIHDS0NBDlAAb4I2gcGCSfwXuAHAOoHAggA8AeW5AuKCEYKQgAAAYRSJE6wWMMe2uvMaSrV7cXGZBCtNrP9oJ9vbEVuQn8jcHWomh1J-kK5mhHIBNse8z9aXTHLBVv7lIYbtMlZ7xABlQgAAIA_mAgB&s=5f8c21ee4ce57c9bd638c97d7d06f8018029568a&type=nv&nvt=5&jm=1003&px=862&py=1147&bw=300&bh=250&sid=9014664831530545421&vd=ct~0|rr~0&sv=229&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22669261&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=2040&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/229/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:27 GMT
AN-X-Request-Uuid
db2bae10-592a-4d9f-92cc-da50a3a60f7d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
lax1-ib.adnxs.com/ Frame 507E 		0
834 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&e=wqT_3QLdFvDeXQsAAAMA1gAFAQiO_qObBhCq0rHertvH4VgYhpCdyqjQqosUKjYJpCTON1n53D8RdQNdqcEpzj8ZAAAAAClcCUAhKSIamdvP0T8psmg6Oxkc4T8xAAAAoJmZuT8wzc_nCjjVN0CYOUgCUK_2prkBWL69Q2AAaJi7XHjf3QWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMTQ4MzE1NSwgMCk7dWYoJ2knLCA3NjczMTk3LCAwKTt1ZignZwEoIDkxNTI3NTksIA0pMHMnLCAyNzg3NTM1ODUVFjByJywgMzg4NjEwODYzBRbwi5ICwQ4hc0lhN3JBakJpZWNaRUtfMnBya0JHQUFndnIxRE1BSTRBRUFBU0pnNVVNM1A1d3BZQUdELUJHZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JaUUQ0RkI0YzRUX0JBV1VBLUJRZUhPRV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FlMnExQVAxQWVPLWd6LVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElzc2F0SlJBTEdBSXRBAUPoTG9EQ1V4QldERTZOVFV6Ti1BRDJTLUFCUGlNeWdtSUJQeU15Z21RQkFHWUJBR2dCQlNxQk04SENQX18VAgh3RVEVDBRfX19BUmoBBw0BDDhCSVANCwEBCHdFbwEHEQEIQVREEQsUX19fOEJPMiwABEZBARYRAQRBVTZYAABVNiwAAFkRKAEBBEFXNlgAAGE2LAAAdwEkEQEEQVg2WAAIZ0FIERsFlABpOhAAAGs6EAAgbUFIRnc1TUJvOhgAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQUwB8Q0BCDhCaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAEZ0EuJQIhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FULfwBASEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVgB-Q0BIQA2EAAAazoQAABtOhAACHdRUaFSCQEITWtFCQkBARhEWUJBRHhCAQsNAVxpQVdoSzVBRi12cy1tQVd4NHZXRUFha0YNHxRBOEQteEIBT1BHQnZjdXNfd1FYTnpNeHMzSGZ3UDguKAAEX1IFKA0BCDJRVQ0KyER3UC1BRjNLRUQ4QVgzX3BBSi1BV1R3MXFDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabQECLGUwX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhdHhVTVVROkUHNEw2OVF5QUFLQUF4bXBtAWsUWjdUODZDLn0GFDBEWkwwaw1zDER3UDE9RABGERgMQUFBRx0YAEcdGABIHRgMSGdBaS5ZB_DXdy4u2AKeSOACzdtX6gIjaHR0cHM6Ly9hbm90ZXBhZC5jb20vbm90ZXMvMzJheTM3ZGaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APFw5MB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTExNi45MC43NC4yMDOoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNMQVgxOjU1MzfaBAIIAeAEAfAEr_amuQGIBQGYBQCgBf___________wHABQDJBQAADpkJFPA_0gUJCQEKAQG42AUB4AUB8AX08SX6BQQIABAAkAYAmAYAogYONzEyNSNMQVgxOjYzMDK4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCPr7PhKAATF4Tm1RbG8hithEQUFrQ0JRRUktdHZJQmhDYjBic0NHSTM0eFFJZ0J5Z0FRSy1TcndWSTZMU3ZCVkRaTDFpZU1YNqgBAGc1qAxBQUFJGkEJLEpvQkFnZ0FxQUVBcy4gADxBLi6ABwGIBwCgBwG6Bw8IBaAAICFNLIwWQADIB9_dBdIHDS0NBDlAAb4I2gcGCSfwXuAHAOoHAggA8AeW5AuKCEYKQgAAAYRSJE6wWMMe2uvMaSrV7cXGZBCtNrP9oJ9vbEVuQn8jcHWomh1J-kK5mhHIBNse8z9aXTHLBVv7lIYbtMlZ7xABlQgAAIA_mAgB&s=5f8c21ee4ce57c9bd638c97d7d06f8018029568a&type=nv&nvt=5&jm=1003&px=438&py=1147&bw=300&bh=250&sid=9014664831530545421&vd=ct~0|rr~0&sv=229&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22669261&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=2040&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/229/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:28 GMT
AN-X-Request-Uuid
2c43cc0a-c642-4c89-b467-410a58e25b97
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel;r=471112200;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df;uht=2;fpan=1;fpa=P0-929662524-1667825424379;pbc=;ns=0;ce=1;qjs=1;qv=52053f22-20221102120139;cm=;gdpr=0;ref...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=471112200;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df;uht=2;fpan=1;fpa=P0-929662524-1667825424379;pbc=;ns=0;ce=1;qjs=1;qv=52053f22-20221102120139;cm=;gdpr=0;ref=;d=anotepad.com;dst=0;et=1667825427487;tzo=0;ogl=;ses=211ed8c3-2255-4f19-ba73-e45b79a228af
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 178F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Nov 2022 12:50:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 07 Nov 2022 12:50:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame E467
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1667825427329.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
1 KB
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
30b4213756ebdf11bb064efea6d2e17d02825331c505206204e977ec74425aad

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
606
content-type
text/html
date
Mon, 07 Nov 2022 12:50:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 07 Nov 2022 12:50:26 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP007
x-33x-status
40000000008200000A
setuid
s2s.t13.io/ Frame 153A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1667825427329.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3...
  • https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=212025377257192
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=212025377257192
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:27 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=212025377257192
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 153A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=aecd6e24-a5c6-432b-b87d-76314db61f68&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=fc240e64-2c43-4293-a491-f4a75f6549c2
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=fc240e64-2c43-4293-a491-f4a75f6549c2&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=fc240e64-2c43-4293-a491-f4a75f6549c2&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:27 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=fc240e64-2c43-4293-a491-f4a75f6549c2&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 153A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1667825427329.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=fecc6368-ff0f-4500-8782-ef9de7e74b2d
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=fecc6368-ff0f-4500-8782-ef9de7e74b2d
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 07 Nov 2022 12:50:27 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x1 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=fecc6368-ff0f-4500-8782-ef9de7e74b2d
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 07 Nov 2022 12:50:26 GMT
match
events-ssc.33across.com/ Frame 153A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:27 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 153A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1667825427329.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=1447531807871813638
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=1447531807871813638
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:27 GMT
AN-X-Request-Uuid
865b1453-839c-4041-b0d5-c4e32df10ad4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=1447531807871813638
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame BAF0 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame CD99 		603 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85375351&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dd270db44ecccdf58e57182aa8197e42b24a93b45fcd9700cf3a8625e726c714

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 07 Nov 2022 12:50:27 GMT
content-length
603
content-type
text/html; charset=UTF-8
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.35.0.e0d13514c58243f74fadfae994357dea0b370718.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2

Request headers

Referer
https://anotepad.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
preload.jpg
c.bannerflow.net/accounts/videoslots/5b51d34868173955bc45cde2/published/3137291/3508517/ Frame 1DC1 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/videoslots/5b51d34868173955bc45cde2/published/3137291/3508517/preload.jpg
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9686e45f0a8b2b98219b4722574e7b816378f09a94b9bb819bcd450d4210cfe5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Nov 2022 12:50:28 GMT
cf-cache-status
HIT
age
303813
content-length
18150
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Wed, 05 Oct 2022 15:54:37 GMT
server
cloudflare
etag
"0x8DAA6E9E82CEAAE"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
b6219db1-b01e-0093-16e4-ef362c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
766631dd9dcaa94f-SYD
controller
ssl.connextra.com/servlet/ Frame 1DC1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 07 Nov 2022 12:59:02 GMT
date
Mon, 07 Nov 2022 12:50:28 GMT
content-encoding
gzip
content-type
text/html;charset=UTF-8
content-length
952
vary
Accept-Encoding
x-served-by
vlp-cxtadsrv14.connextra.net
preload.jpg
c.bannerflow.net/accounts/videoslots/5b51d34868173955bc45cde2/published/3137291/3508517/ Frame BCEA 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/videoslots/5b51d34868173955bc45cde2/published/3137291/3508517/preload.jpg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9686e45f0a8b2b98219b4722574e7b816378f09a94b9bb819bcd450d4210cfe5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Nov 2022 12:50:28 GMT
cf-cache-status
HIT
age
303813
content-length
18150
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Wed, 05 Oct 2022 15:54:37 GMT
server
cloudflare
etag
"0x8DAA6E9E82CEAAE"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
b6219db1-b01e-0093-16e4-ef362c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
766631dd9dd1a94f-SYD
controller
ssl.connextra.com/servlet/ Frame BCEA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.153.10 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-153-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 07 Nov 2022 12:59:02 GMT
date
Mon, 07 Nov 2022 12:50:28 GMT
content-encoding
gzip
content-type
text/html;charset=UTF-8
content-length
952
vary
Accept-Encoding
x-served-by
vlp-cxtadsrv14.connextra.net
usync.js
eus.rubiconproject.com/ Frame 178F 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d621a2a8897ad3e6f3dcac6c188926f5db6ac256b62aea1826cfdfc4fd01069

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 12:50:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Nov 2022 10:40:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=78613
Connection
keep-alive
Content-Length
9884
Expires
Tue, 08 Nov 2022 10:40:41 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DC98
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1667825428861
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3307588191
  • https://sync.1rx.io/usersync/tradedesk/aecd6e24-a5c6-432b-b87d-76314db61f68
  • https://sync.targeting.unrulymedia.com/csync/RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Nov 2022 12:50:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Mon, 07 Nov 2022 12:50:30 GMT
etag
RXd198bfc5cb4a4f60b1da4878327bd77c004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
info2
uipglob.semasio.net/pubmatic/1/ Frame CD99
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Mon, 07 Nov 2022 12:50:26 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:26 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame CD99 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8BEF0174-B64A-4E0E-8223-1C141AF7A63B&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.14.31 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-14-31.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.0.148
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame CD99
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=8BEF0174-B64A-4E0E-8223-1C141AF7A63B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=10f90be7-2fc3-48af-b44a-471735ad387f%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=10f90be7-2fc3-48af-b44a-471735ad387f%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=10f90be7-2fc3-48af-b44a-471735ad387f%2C
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=aecd6e24-a5c6-432b-b87d-76314db61f68&ttd_puid=10f90be7-2fc3-48af-b44a-471735ad387f%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
match
events-ssc.33across.com/ Frame E467 		68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=188fedea-c3f6-4acc-9617-04b5f276248f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sync
ups.analytics.yahoo.com/ups/58294/ Frame E467 		0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=4020620d-c517-406a-a907-ca6f6f8142b9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame E467
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=9B4E31979F8D4E72B480B22951A5C75C
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=9B4E31979F8D4E72B480B22951A5C75C
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 07 Nov 2022 12:50:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=9B4E31979F8D4E72B480B22951A5C75C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 06 Nov 2022 12:50:28 GMT
redirect
match.rundsp.com/ Frame E467 		0
0
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame E467 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame E467
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=EMAmbLl81OS1A55
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=EMAmbLl81OS1A55
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 12:50:28 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0be4466892d3f37f0@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=EMAmbLl81OS1A55
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E467
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y2j-EgAGTIs6agAO
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y2j-EgAGTIs6agAO
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mel11227-MEL
pragma
no-cache
date
Mon, 07 Nov 2022 12:50:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1667825428.177876,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y2j-EgAGTIs6agAO
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame E467 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame E467
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=51LCoT007BDAY008SkuH
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=51LCoT007BDAY008SkuH
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Mon, 07 Nov 2022 12:50:29 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=51LCoT007BDAY008SkuH
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame E467 		95 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=08567c84-03a8-806f-f028-b9316bbe092e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.223.79 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-223-79.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 12:50:28 GMT
Connection
keep-alive
Content-Length
95
Content-Type
image/png
fa2387c0-8dd1-e86a-cbf7-1d9007757b99
pr-bh.ybp.yahoo.com/sync/openx/ Frame E467 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/fa2387c0-8dd1-e86a-cbf7-1d9007757b99?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.186.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-186-111.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
setuid
s2s.t13.io/
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26us_...
  • https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=5107663499214103132
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=5107663499214103132
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:29 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=5107663499214103132
date
Mon, 07 Nov 2022 12:50:28 GMT
content-length
0
/
c.bannerflow.net/tr/v2/pixel/ Frame 1DC1 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssl.connextra.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
766631deaef7a94f-SYD
content-length
0
request-context
appId=cid-v1:2080cc18-71b2-4e5d-992c-a3d1331a0b3e
/
c.bannerflow.net/tr/v2/pixel/ Frame BCEA 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssl.connextra.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 12:50:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
766631decf0aa94f-SYD
content-length
0
request-context
appId=cid-v1:2080cc18-71b2-4e5d-992c-a3d1331a0b3e
match
events-ssc.33across.com/ Frame 178F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LA6S718R-H-JE1C
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LA6S718R-H-JE1C
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LA6S718R-H-JE1C&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LA6S718R-H-JE1C&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:29 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 12:50:28 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LA6S718R-H-JE1C&ts=1667825428&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
widget.8df41d2671dfa891982b.js
c.bannerflow.net/scripts/ Frame 1DC1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.8df41d2671dfa891982b.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d598cb92aa54d28e5d648b5ea6e9abbdec81fe68a0001a654f5761762c64e7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Nov 2022 12:50:29 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
tpR60puMbYiCqblhTVcayg==
age
2856032
cf-polished
origSize=20298
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Oct 2022 10:59:47 GMT
server
cloudflare
etag
W/"0x8DAA6C0B7E8800F"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f7654d0e-b01e-0093-69ad-d8362c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
766631e3db18a94f-SYD
document.ee344707d1.js
c.bannerflow.net/accounts/videoslots/5b51d34868173955bc45cde2/published/3137291/3508517/ Frame 1DC1 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/videoslots/5b51d34868173955bc45cde2/published/3137291/3508517/document.ee344707d1.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb9ce93b2cb70a87cb0aa643b65df68a61d7aae793b4fc671dc43c7d47e0172

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Nov 2022 12:50:29 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7jRHB9HayA9IbIW2rGgI0Q==
age
250624
cf-polished
origSize=47514
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Oct 2022 15:54:43 GMT
server
cloudflare
etag
W/"0x8DAA6E9EB745446"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aa9b4aca-601e-005b-0b5f-f0d41d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
766631e3db19a94f-SYD
animated-creative.8efb8a8f987018efd96b.js
c.bannerflow.net/scripts/ Frame 1DC1 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.8efb8a8f987018efd96b.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08bc37e61bd6df9b01a6e2571d67bd9dd5d741a22bfb5f0a3d0ecff71ed70e2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Nov 2022 12:50:29 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
1mFSQH3i/58pkGoZGun9aA==
age
2856032
cf-polished
origSize=148559
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Oct 2022 10:59:47 GMT
server
cloudflare
etag
W/"0x8DAA6C0B7BE3F53"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c58ff3eb-601e-0039-52ad-d8163a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
766631e3db1aa94f-SYD
widget.8df41d2671dfa891982b.js
c.bannerflow.net/scripts/ Frame BCEA 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.8df41d2671dfa891982b.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d598cb92aa54d28e5d648b5ea6e9abbdec81fe68a0001a654f5761762c64e7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Nov 2022 12:50:29 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
tpR60puMbYiCqblhTVcayg==
age
2856032
cf-polished
origSize=20298
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Oct 2022 10:59:47 GMT
server
cloudflare
etag
W/"0x8DAA6C0B7E8800F"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f7654d0e-b01e-0093-69ad-d8362c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
766631e3eb1ea94f-SYD
document.ee344707d1.js
c.bannerflow.net/accounts/videoslots/5b51d34868173955bc45cde2/published/3137291/3508517/ Frame BCEA 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/videoslots/5b51d34868173955bc45cde2/published/3137291/3508517/document.ee344707d1.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb9ce93b2cb70a87cb0aa643b65df68a61d7aae793b4fc671dc43c7d47e0172

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Nov 2022 12:50:29 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7jRHB9HayA9IbIW2rGgI0Q==
age
250624
cf-polished
origSize=47514
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Oct 2022 15:54:43 GMT
server
cloudflare
etag
W/"0x8DAA6E9EB745446"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aa9b4aca-601e-005b-0b5f-f0d41d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
766631e3eb1fa94f-SYD
animated-creative.8efb8a8f987018efd96b.js
c.bannerflow.net/scripts/ Frame BCEA 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.8efb8a8f987018efd96b.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/633da6863b59743d4efca8ec?did=5cf6638e8e4e100001a17710&deeplink=on&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08bc37e61bd6df9b01a6e2571d67bd9dd5d741a22bfb5f0a3d0ecff71ed70e2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Nov 2022 12:50:29 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
1mFSQH3i/58pkGoZGun9aA==
age
2856032
cf-polished
origSize=148559
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Oct 2022 10:59:47 GMT
server
cloudflare
etag
W/"0x8DAA6C0B7BE3F53"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c58ff3eb-601e-0039-52ad-d8163a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
766631e3eb21a94f-SYD
truncated
/ Frame 1DC1 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
105e45cd-79ca-45b1-ac5a-5eb7ccf75aad
https://ssl.connextra.com/ Frame E135 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://ssl.connextra.com/105e45cd-79ca-45b1-ac5a-5eb7ccf75aad
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8efb8a8f987018efd96b.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
font
c.bannerflow.net/fs/api/v2/ Frame 1DC1 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b51d2c1a4dbc1557037c930%2Fb0e5c795-3904-4ed0-8cd5-97d3059d89e7.woff&t=%20DEFINOPRSTUVYdeilost
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d885d3a2a26cd29dc75166471b4ebc3b8c0eb9e5a6d5d348c6a1c0391b5f27f8

Request headers

Referer
https://ssl.connextra.com/
Origin
https://ssl.connextra.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:29 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Nov 2022 00:27:08 GMT
server
cloudflare
age
303801
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=b0e5c795-3904-4ed0-8cd5-97d3059d89e7-subset.woff
cf-ray
766631e89990aae7-SYD
expires
Sat, 04 Nov 2023 00:27:08 GMT
truncated
/ Frame BCEA 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
434115c4-eaf1-4ecc-b29a-58ca276a7635
https://ssl.connextra.com/ Frame 2709 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://ssl.connextra.com/434115c4-eaf1-4ecc-b29a-58ca276a7635
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8efb8a8f987018efd96b.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
font
c.bannerflow.net/fs/api/v2/ Frame BCEA 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b51d2c1a4dbc1557037c930%2Fb0e5c795-3904-4ed0-8cd5-97d3059d89e7.woff&t=%20DEFINOPRSTUVYdeilost
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d885d3a2a26cd29dc75166471b4ebc3b8c0eb9e5a6d5d348c6a1c0391b5f27f8

Request headers

Referer
https://ssl.connextra.com/
Origin
https://ssl.connextra.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:29 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Nov 2022 00:27:08 GMT
server
cloudflare
age
303801
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=b0e5c795-3904-4ed0-8cd5-97d3059d89e7-subset.woff
cf-ray
766631e89992aae7-SYD
expires
Sat, 04 Nov 2023 00:27:08 GMT
font
c.bannerflow.net/fs/api/v2/ Frame BCEA 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b51d2c1a4dbc1557037c930%2F38b422fb-04af-407d-915f-7370c1de9f96.woff&t=%20%24%25%27012ABCDEGHILNOPRSTUW
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee4abde9d3ff80cf0c276af8d2f5cc75f90c55d3a88fa09008b04dd6c5c13d0

Request headers

Referer
https://ssl.connextra.com/
Origin
https://ssl.connextra.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Nov 2022 00:27:12 GMT
server
cloudflare
age
303798
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=38b422fb-04af-407d-915f-7370c1de9f96-subset.woff
cf-ray
766631e9aa83aae7-SYD
expires
Sat, 04 Nov 2023 00:27:12 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame CD99 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
font
c.bannerflow.net/fs/api/v2/ Frame 1DC1 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b51d2c1a4dbc1557037c930%2F38b422fb-04af-407d-915f-7370c1de9f96.woff&t=%20%24%25%27012ABCDEGHILNOPRSTUW
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee4abde9d3ff80cf0c276af8d2f5cc75f90c55d3a88fa09008b04dd6c5c13d0

Request headers

Referer
https://ssl.connextra.com/
Origin
https://ssl.connextra.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Nov 2022 00:27:12 GMT
server
cloudflare
age
303798
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=38b422fb-04af-407d-915f-7370c1de9f96-subset.woff
cf-ray
766631ea6b59aae7-SYD
expires
Sat, 04 Nov 2023 00:27:12 GMT
optimize
c.bannerflow.net/io/api/image/ Frame B51E 		932 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2F1b53a974-18d2-4422-930f-2a8579ca537c.jpg&w=321&h=563&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f613fc898027e01e4c9285fc8b189e14fe34bc33dd65650adb1170e87c7bf5d7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 00:31:53 GMT
api-supported-versions
2.0
server
cloudflare
age
44317
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eae8c3a94f-SYD
content-length
932
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame B51E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2F96fdfd0a-10ed-4cb4-a240-a62e6a91bbb6.png&w=123&h=17&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74784c8ab69c6047979ebc2810538e6d706b197ab1b7ead8492f8c3b269dab0c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Nov 2022 15:07:42 GMT
api-supported-versions
2.0
server
cloudflare
age
78168
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eae8c4a94f-SYD
content-length
1202
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame B51E 		870 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2Febd95c8d-0d33-4b53-a6c5-eae7aa45a748.png&w=71&h=14&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047dd419be81739b93d085506e9be73a9260b4d8d8b99ce303fdb16ea56bb859

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 00:31:52 GMT
api-supported-versions
2.0
server
cloudflare
age
44318
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eae8c5a94f-SYD
content-length
870
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame B51E 		824 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2Fcc49c68b-fc8a-44cb-8c2e-9f3bf6999338.png&w=21&h=20&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65932199ad7eafa8f42880a9d8f7b24d148aa99b110869670aada0b9446e2798

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Nov 2022 15:16:05 GMT
api-supported-versions
2.0
server
cloudflare
age
77665
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eae8c7a94f-SYD
content-length
824
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame B51E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2Fe411d746-fa3b-4586-aff1-506da4b8280b.png&w=82&h=49&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc188663cff3c3a63b6ea5485448eb873694318dae8fa048678662373971dd26

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 00:52:43 GMT
api-supported-versions
2.0
server
cloudflare
age
43067
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eaf8d5a94f-SYD
content-length
5934
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
font
c.bannerflow.net/fs/api/v2/ Frame BCEA 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b51d2c1a4dbc1557037c930%2F339fab82-0394-4a92-aa6a-6042aa8bfb8d.woff%3Fr%3D0.6752528648206917&t=%20%24%25%26%2B%2C.%2F01234568%3AABCDFGLMNOPRTVWabcdefghijklmnopqrstuvwxy%E2%80%93%E2%80%99
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239ab2e68c75eab8347c993ab885a04b50d95c81294f51cc09a0d2ae1c8d3e26

Request headers

Referer
https://ssl.connextra.com/
Origin
https://ssl.connextra.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Oct 2022 14:37:13 GMT
server
cloudflare
age
2671997
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=339fab82-0394-4a92-aa6a-6042aa8bfb8d-subset.woff?r=0
cf-ray
766631eb1c05aae7-SYD
expires
Sat, 07 Oct 2023 14:37:13 GMT
optimize
c.bannerflow.net/io/api/image/ Frame F09A 		932 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2F1b53a974-18d2-4422-930f-2a8579ca537c.jpg&w=321&h=563&q=85&f=webp&rt=contain
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8efb8a8f987018efd96b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f613fc898027e01e4c9285fc8b189e14fe34bc33dd65650adb1170e87c7bf5d7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 00:31:53 GMT
api-supported-versions
2.0
server
cloudflare
age
44317
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eb6925a94f-SYD
content-length
932
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F09A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2F96fdfd0a-10ed-4cb4-a240-a62e6a91bbb6.png&w=123&h=17&q=85&f=webp&rt=contain
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8efb8a8f987018efd96b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74784c8ab69c6047979ebc2810538e6d706b197ab1b7ead8492f8c3b269dab0c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Nov 2022 15:07:42 GMT
api-supported-versions
2.0
server
cloudflare
age
78168
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eb6926a94f-SYD
content-length
1202
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F09A 		870 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2Febd95c8d-0d33-4b53-a6c5-eae7aa45a748.png&w=71&h=14&q=85&f=webp&rt=contain
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8efb8a8f987018efd96b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047dd419be81739b93d085506e9be73a9260b4d8d8b99ce303fdb16ea56bb859

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 00:31:52 GMT
api-supported-versions
2.0
server
cloudflare
age
44318
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eb6927a94f-SYD
content-length
870
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F09A 		824 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2Fcc49c68b-fc8a-44cb-8c2e-9f3bf6999338.png&w=21&h=20&q=85&f=webp&rt=contain
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8efb8a8f987018efd96b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65932199ad7eafa8f42880a9d8f7b24d148aa99b110869670aada0b9446e2798

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Nov 2022 15:16:05 GMT
api-supported-versions
2.0
server
cloudflare
age
77665
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eb6929a94f-SYD
content-length
824
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F09A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fvideoslots%2F5b51d34868173955bc45cde2%2Fimages%2Fe411d746-fa3b-4586-aff1-506da4b8280b.png&w=82&h=49&q=99&f=webp&rt=contain
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8efb8a8f987018efd96b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc188663cff3c3a63b6ea5485448eb873694318dae8fa048678662373971dd26

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 00:52:43 GMT
api-supported-versions
2.0
server
cloudflare
age
43067
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
766631eb792ca94f-SYD
content-length
5934
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
font
c.bannerflow.net/fs/api/v2/ Frame 1DC1 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b51d2c1a4dbc1557037c930%2F339fab82-0394-4a92-aa6a-6042aa8bfb8d.woff%3Fr%3D0.6752528648206917&t=%20%24%25%26%2B%2C.%2F01234568%3AABCDFGLMNOPRTVWabcdefghijklmnopqrstuvwxy%E2%80%93%E2%80%99
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250&pubhost=anotepad.com&apnauc=6395989821403982122&tclk=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FpCTON1n53D91A12pwSnOPwAAAAApXAlAKSIamdvP0T-yaDo7GRzhPyppzOvaHsNYBkhHiYKqFhQO_2hjAAAAAM3nWQHVGwAAmBwAAAIAAAAvuykXvt4QAAAAAABVU0QAVVNEACwB-gCYHQAAAAABAQUCAAAAAK4AuCJZ9gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21txUMUQjBiecZEK_2prkBGL69QyAAKAAxmpmZmZmZ7T86CUxBWDE6NTUzN0DZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNMQVgxOjU1Mzc%3D%2Fbn%3D93919%2Fclickenc%3D&client=Videoslots&dspid=3bc1d7fd2e&placement=DDM_APN_CAS_ACQ_NZ_300x250&bidid=6395989821403982122&_cb=708776318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239ab2e68c75eab8347c993ab885a04b50d95c81294f51cc09a0d2ae1c8d3e26

Request headers

Referer
https://ssl.connextra.com/
Origin
https://ssl.connextra.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:50:30 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Oct 2022 14:37:13 GMT
server
cloudflare
age
2671997
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=339fab82-0394-4a92-aa6a-6042aa8bfb8d-subset.woff?r=0
cf-ray
766631ebaca7aae7-SYD
expires
Sat, 07 Oct 2023 14:37:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.floors.dev
URL
https://api.floors.dev/sgw/v1/floors
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=106
Domain
oajs.openx.net
URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&rid=esp&cc=1
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2223364&size_id=2&alt_size_ids=55&rp_schain=1.0,1!freestar.com,1036,1,,,&eid_audigent.com=0001yum0eakgjaifdl7eblija66blijibhk6ilibb6abackkc2jl%5E1&tpid_tdid=aecd6e24-a5c6-432b-b87d-76314db61f68&eid_adserver.org=aecd6e24-a5c6-432b-b87d-76314db61f68&rf=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&tg_i.name=anotepad-com&tg_i.domain=anotepad.com&tg_i.cat=IAB5&tg_i.sectioncat=IAB5&tg_i.pagecat=IAB5&tg_i.page=https%3A%2F%2Fanotepad.com%2Fnotes%2F32ay37df&tg_i.fs_ad_product=stickyFooter&tg_i.pbadslot=%2F15184186%2Fanotepad_adhesion%2Fanotepad_adhesion&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6e73224d-ccaa-4e10-aac5-c7ca499114bc&l_pb_bid_id=185b593bcf184d9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Fanotepad_adhesion%2Fanotepad_adhesion&slots=1&rand=0.39834687787235934
Domain
grid.bidswitch.net
URL
https://grid.bidswitch.net/hbjson
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
api.floors.dev
URL
https://api.floors.dev/sgw/v1/floors
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| freestar object| Notepad function| admiral object| googletag object| regeneratorRuntime function| $ function| jQuery object| jQuery1124016164950276844303 function| fnLookup function| fnLanguage function| fnEmailNote function| fnEmailNoteSend function| fnPremiumUpgrade function| fnImportFile function| fnAttachFile function| fnUpgradeNow function| fnMobileMenu function| fnTaskSave function| fnTaskSaveClicked function| fnTaskNewClicked function| fnTaskCheckboxClicked function| fnTaskDeleteClicked function| fnTaskTextFocus function| fnTaskTextBlur function| fnTaskTextNewFocus function| fnTaskTextNewBlur function| fnTaskTextNewKeyDown function| fnTaskTextKeyDown function| fnTextNoteToTask function| fnTaskToTextNote function| fnRichTextEditor function| fnPlainTextEditor function| fnTaskEditor function| fnSortByTitle function| fnSortByUpdated function| fnManageFolders function| fnLoadManageFolderContent function| fnMenuActionShareFolder function| fnFolderShareClicked function| fnShowNoteVersions function| fnLoadNoteVersions function| fnMenuActionDeleteFolder function| fnMenuActionRenameFolder function| fnCreateFolder function| fnDeleteFolder function| fnRenameFolder function| fnRenameFolderSave function| fnRenameFolderCancel function| fnOpenFolder function| fnLoadFolderList function| fnMoveNoteToFolder function| fnEnableNoteDragDrop function| fnSaveNote function| fnSaveNoteNew function| fnSaveNoteEdit function| fnSaveNoteQuickEdit function| fnAutoSaveInit function| fnAutoSaveNote function| fnAutoSaveNoteNew function| fnAutoSaveNoteEdit function| fnAutoSaveNoteQuickEdit function| fnManageNoteAccess function| fnUpdateNoteAccessText function| fnCommentLoad function| fnCommentAdd function| fnCommentDelete function| fnCommentReply function| fnShowAlert function| fnLoadNoteFileList function| fnDeleteNoteFile function| fnDeleteNote function| fnCopyNote function| fnTinymceInit object| addthis_config object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| fsdata object| _comscore object| fsprebid function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| load_script object| confiant object| COMSCORE function| udm_ object| ns_p function| 4dm1r11545242527 object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| fsprebidChunk object| _pbjsGlobals object| mnet boolean| __@@##MUH object| ggeac object| google_js_reporting_queue object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked undefined| google_measure_js_timing object| addthis_share object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| oattr object| GoogleGcLKhOms object| ox_esp function| setImmediate function| clearImmediate object| _qevents object| Criteo object| pbjs function| __esp_getUID2Async object| __uid2 string| mantis_uuid object| google_image_requests function| quantserve function| __qc object| ezt object| _qoptions object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_130 object| Criteo_prebid_130 number| lnt_z

193 Cookies

Domain/Path Name / Value
anotepad.com/ Name: fs.bot.check
Value: true
anotepad.com/ Name: fs.session.id
Value: 22fe4c1d-6de5-4532-922c-a32312482f86
.anotepad.com/ Name: _gid
Value: GA1.2.1054080811.1667825417
.anotepad.com/ Name: _gat_UA-8870545-1
Value: 1
.anotepad.com/ Name: _ga_6PG3MM86KX
Value: GS1.1.1667825417.1.0.1667825417.0.0.0
.anotepad.com/ Name: _ga
Value: GA1.1.1744394758.1667825417
.scorecardresearch.com/ Name: UID
Value: 13D88dc56099045b258c0f71667825417
.anotepad.com/ Name: _awl
Value: 2.1667825418.0.5-109f0bb32cc5aa6f67cd5a5080c4098e-6763652d75732d7765737431-0
.pub.network/ Name: _fsuid
Value: 249dc062-8d6b-44aa-9ca6-ac894bcabe4f
anotepad.com/ Name: __atuvc
Value: 1%7C45
anotepad.com/ Name: __atuvs
Value: 6368ff08e003811b000
anotepad.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
anotepad.com/ Name: _lr_retry_request
Value: true
anotepad.com/ Name: _lr_env_src_ats
Value: false
.addthis.com/ Name: uvc
Value: 1%7C45
.adsrvr.org/ Name: TDID
Value: aecd6e24-a5c6-432b-b87d-76314db61f68
.addthis.com/ Name: ouid
Value: 6368ff0c00010208207e108e0947a4e7426c4148be9c07f9accb
.addthis.com/ Name: di2
Value: aVTu[#$M`6Hq#)Fo
.addthis.com/ Name: um
Value: j.'2022110712502019500078320727'
.addthis.com/ Name: uid
Value: 6368ff0c78cf0c09
.addthis.com/ Name: na_id
Value: 2022110712502019500078320727
.addthis.com/ Name: vc
Value: 2
.addthis.com/ Name: loc
Value: MDAwMDBPQ05aMDAxNDM0MzU0NzAwMTAwMDBDSA==
.anotepad.com/ Name: __gpi
Value: UID=00000b772d25a617:T=1667825420:RT=1667825420:S=ALNI_MYyJwUMnzfsi3gcI5yyRUpCZRLZbw
.undertone.com/ Name: UTID
Value: 4918893f26424e4590fde0be5f93a26a
.undertone.com/ Name: UTID_ENC
Value: 4bsdjqwqbccx9qtwk2lqzo3fu
.doubleclick.net/ Name: IDE
Value: AHWqTUmTRWlDih1hjvkn8k0hjoZXImwzIBYkTAI106FUjKpS2USta_t0OHAzihNaBnQ
.anotepad.com/ Name: __gads
Value: ID=39b5baa458c18c00:T=1667825420:S=ALNI_Mb5SB_zKHLPE10idr1M4wz41ieD4w
.openx.net/ Name: i
Value: bd48dedd-b4fa-45d4-a0f6-c38d9c05852d|1667825421
.sharethrough.com/ Name: stx_user_id
Value: d1fe1e2f-d205-4d4e-9a80-f14998f71484
.adnxs.com/ Name: uuid2
Value: 1447531807871813638
.mantisadnetwork.com/ Name: mantis_id
Value: bbbd2e19-9bb4-41d0-8975-3079e1f0287a
.yahoo.com/ Name: A3
Value: d=AQABBA7_aGMCEM2jgxKDETUENfiauHONBcwFEgEBAQFQamNyYwAAAAAA_eMAAA&S=AQAAArIR0BqpMLKwSBD7s_suNXw
.go.sonobi.com/ Name: __uis
Value: ad4e1879-8c3a-4d8c-9af9-65bddaec8053
.go.sonobi.com/ Name: _usd_anotepad.com
Value: 3ec970c6-5b84-415e-af31-ec50eab0b5bb
.go.sonobi.com/ Name: __uin_td
Value: cf438984-3957-4eb5-b82e-46a57fbff50a
.go.sonobi.com/ Name: __uin_bw
Value: e9edd8fb-e55e-445f-ae7d-e9feb1d8b09d
.go.sonobi.com/ Name: __uin_tl
Value: 2651907977018660045626
.go.sonobi.com/ Name: __uin_mm
Value: 0f4562ea-3f8a-4800-b30b-5c0d407ece85
.go.sonobi.com/ Name: __uih
Value: 1
.onetag-sys.com/ Name: OTP
Value: O-oRwzYQXGzF4CzjnVUfTZF_ORQ-_KIBP5CDy2Y-4mU
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mathtag.com/ Name: uuid
Value: fecc6368-ff0f-4500-8782-ef9de7e74b2d
.rubiconproject.com/ Name: khaos
Value: LA6S718R-H-JE1C
.yieldmo.com/ Name: yieldmo_id
Value: g1c16bcd983f7de09596%7C1667825424188%7C0%7C
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVGhlgo:!]tbPl1M>e)ZlrFUfJ+tGXxoaG7u*gTxt8P9%B^*a^I_2?lGzY_.z%FQjFDk3If)y3KL9D3I?+U%8Y8V
.ads.yieldmo.com/ Name: ptrt
Value: aecd6e24-a5c6-432b-b87d-76314db61f68
.openx.net/ Name: univ_id
Value: 537072971|aecd6e24-a5c6-432b-b87d-76314db61f68|1667825424625560
.ads.yieldmo.com/ Name: ptran
Value: 1447531807871813638
.advertising.com/ Name: A3
Value: d=AQABBBD_aGMCEAz2nK8q2cM9iG27J3_ZVJgFEgEBAQFQamNyYwAAAAAA_eMAAA&S=AQAAAtJOIUsMTwEufUc_cc_uSog
.casalemedia.com/ Name: CMPS
Value: 5314
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOC
Value: Y2j-EcCo5s0AAPVpBNYAAAAA
.turn.com/ Name: uid
Value: 2666033777751808314
.bidswitch.net/ Name: c
Value: 1667825425
.bidswitch.net/ Name: tuuid_lu
Value: 1667825425
.adingo.jp/ Name: ID
Value: abe6d8ee1230d0783d6850ccc87d12ba
.go.sonobi.com/ Name: HAPLB3A
Value: s3556|Y2j/F
.w55c.net/ Name: wfivefivec
Value: EMAmbLl81OS1A55
.adnxs.com/ Name: icu
Value: ChgIodc0EAoYAyADKAMwkf6jmwY4A0ADSAMQkf6jmwYYAg..
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8BEF0174-B64A-4E0E-8223-1C141AF7A63B
.ads.yieldmo.com/ Name: ptrrc
Value: LA6S718R-H-JE1C
.ladsp.com/ Name: smn_uid
Value: nezz5pttgyCWM0f0rP7TBg7--j4sJF8
.ladsp.com/ Name: lum
Value: CLe4kZHFMBIFCAEQqAE
.w55c.net/ Name: matchgoogle
Value: 5
.bidr.io/ Name: bito
Value: AAC90k7G0f4AAB_tgSnQBw
.bidr.io/ Name: bitoIsSecure
Value: ok
.quantserve.com/ Name: d
Value: EKUBCwHCJ_ijAA
.quantserve.com/ Name: mc
Value: 6368ff11-a767f-526bf-8461b
.yandex.ru/ Name: yuidss
Value: 7962419071667825425
.yandex.ru/ Name: yandexuid
Value: 7962419071667825425
.undertone.com/ Name: UID_EXT_39
Value: 258986a3-1dd2-4640-90a5-14a20f8e9682
.undertone.com/ Name: UID_EXT_46
Value: aecd6e24-a5c6-432b-b87d-76314db61f68
.w55c.net/ Name: matchpubmatic
Value: 5
.ads.yieldmo.com/ Name: ptrstk
Value: 6tV1AYqSSLBHjMFoFpEXBXRaSss
.ads.yieldmo.com/ Name: ptreps
Value: AAALXEaF39AMIQMmhHTOAAAAAAA
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-56a03438-ed82-4e3d-6399-790486cfa178.3za8iRi%2FYhrAyXtwOvEWUl3UbKkgxBCswspUxV1N%2Bpg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVqA0OO2CTj1jmXkEhs-heHRaSss.ba3suwY%2BF4wOVjbMvmFTcGSt%2FIhkMdYfBsaCPGcaf8k
.bidswitch.net/ Name: tuuid
Value: fc240e64-2c43-4293-a491-f4a75f6549c2
.sitescout.com/ Name: ssi
Value: 0cedcec1-0595-4a97-9e3c-1b0a7c3569e7#1667825425858
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY3ODI1NDI1fQ
.criteo.com/ Name: uid
Value: 97b81850-044d-4115-b230-8bd1be87446c
.ctnsnet.com/ Name: cid_15989db9f61442c79a4145281c70897b
Value: 1
.brand-display.com/ Name: _knxq_
Value: 3e116b3e-d2a7-036e-2abdccb7.1667825426.0.1667825426.1667825426
.33across.com/ Name: 33x_ps
Value: u%3D212025377257192%3As1%3D1667825426049%3Ats%3D1667825426049
.company-target.com/ Name: tuuid
Value: e5942ac9-15b6-4f9f-a1d0-c65df4a77304
.company-target.com/ Name: tuuid_lu
Value: 1667825426
.mookie1.com/ Name: id
Value: 10524138275672831780
.mookie1.com/ Name: mdata
Value: 1|10524138275672831780|1667825426098
.mookie1.com/ Name: ov
Value: cf3d2afd320fc7316560485a8cf3998f
.ambientdsp.com/ Name: _aGeoIp
Value: NZ-Auckland
.ambientdsp.com/ Name: _aUID
Value: xq51zsjdhgk
.c.appier.net/ Name: _auid
Value: hUCdsSvsBUCtDCbFEv9oYw
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y2j-EgAGTIs6agAO
.adform.net/ Name: C
Value: 1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEK_0jnOvaTjmfRy-Lmwt59A&KRTB&16514-CAESEK_0jnOvaTjmfRy-Lmwt59A&KRTB&23025-CAESEK_0jnOvaTjmfRy-Lmwt59A&KRTB&23386-CAESEK_0jnOvaTjmfRy-Lmwt59A
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-x7-2Q5fqsUrc7bdNxuqtTsO64h3ctLRNwO5_Itiu&KRTB&19420-x7-2Q5fqsUrc7bdNxuqtTsO64h3ctLRNwO5_Itiu&KRTB&22979-x7-2Q5fqsUrc7bdNxuqtTsO64h3ctLRNwO5_Itiu&KRTB&23403-x7-2Q5fqsUrc7bdNxuqtTsO64h3ctLRNwO5_Itiu
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1447531807871813638&KRTB&23339-1447531807871813638
.connextra.com/ Name: CxtId
Value: 6a977d9e-9e3f-4cb3-aca0-0ffe90206f9a
.connextra.com/ Name: Videoslots
Value: A%7Cpostimpression%7C1%7C202211071250%7C7%7CDDM_APN_CAS_ACQ_NZ_300x250%7CDDM_CAS_ACQ_NZ_WelcomeOfferOct2022_300x250%7C%7C%7CMbNQVPCnQ9-8jw9bTNO9Dw
.anotepad.com/ Name: cto_bundle
Value: 66TsO19Fa0E2UGZMSGcyY0hVRThRZHNXMkcyJTJCdEc3SEV6eFdoeTJGWm9raklCJTJGMXFWRSUyQnolMkJzTG1hdGlFeHFZNHMySUJqUkJmZUZwdWlZWSUyRnA1WDU1MkxxUFBQUXZwaXFyNTBta3R3d0tTZExyJTJGRkNpdHdIbEZiUkRsSFlyZ3FJcE9HOG04ZHZNdERhWGdKaWpCZiUyQkN2VnNhUSUzRCUzRA
.undertone.com/ Name: UID_EXT_47
Value: LA6S718R-H-JE1C
.simpli.fi/ Name: suid
Value: 9B4E31979F8D4E72B480B22951A5C75C
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-15989db9f61442c79a4145281c70897b&KRTB&23328-15989db9f61442c79a4145281c70897b
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:fecc6368-ff0f-4500-8782-ef9de7e74b2d&KRTB&16736-uid:fecc6368-ff0f-4500-8782-ef9de7e74b2d&KRTB&23019-uid:fecc6368-ff0f-4500-8782-ef9de7e74b2d&KRTB&23208-uid:fecc6368-ff0f-4500-8782-ef9de7e74b2d
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-JuyJllLzRP5fddEZArGtwXRaSss&KRTB&23334-JuyJllLzRP5fddEZArGtwXRaSss&KRTB&23417-JuyJllLzRP5fddEZArGtwXRaSss
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-aecd6e24-a5c6-432b-b87d-76314db61f68&KRTB&22918-aecd6e24-a5c6-432b-b87d-76314db61f68&KRTB&23031-aecd6e24-a5c6-432b-b87d-76314db61f68
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:EMAmbLl81OS1A55&KRTB&23421-uid:EMAmbLl81OS1A55
.ads.stickyadstv.com/ Name: UID
Value: 6b6185a929ae6aa278b2a0f2c5ec1fe
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Y2j-ELQHPsPZv3bjUYpljgAA&5314
.pippio.com/ Name: did
Value: Iq1z16uh9C-3RcHV
.pippio.com/ Name: didts
Value: 1667825426
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-xq51zsjdhgk
.tribalfusion.com/ Name: ANON_ID
Value: aonseFq0I1e9yNy6QwmYtNTZdF5NW8dJZb6LSEQjUT71o8YaRa7wv34ZcPXTVoW9nFHGoByriQ5CCYEYCo1amZdZd
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-hUCdsSvsBUCtDCbFEv9oYw&KRTB&23130-hUCdsSvsBUCtDCbFEv9oYw
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTY2NzgyNTQyNjMwMSwiNyI6MTY2NzgyNTQyNjMwMSwiODAiOjE2Njc4MjU0MjYzMDF9
.undertone.com/ Name: UID_EXT_57
Value: Y2j_ELQHPsPZv3bjUYpljgAAFMIAAAAB
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAC90k7G0f4AAB_tgSnQBw
.adform.net/ Name: uid
Value: 6175201927420910676
.undertone.com/ Name: UID_EXT_56
Value: y-eVaSTF1E2uGV1w.yBEeB33i_xZSYu2r4Pw.rcBM-~A
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:EFB58C39959848CF98FAFE5E90FBBA3A
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y2j-EgAGTIs6agAO&KRTB&22978-Y2j-EgAGTIs6agAO&KRTB&23194-Y2j-EgAGTIs6agAO&KRTB&23209-Y2j-EgAGTIs6agAO
.rlcdn.com/ Name: pxrc
Value: CJD+o5sGEgUI6AcQABIFCOhHEAESBgi46wEQAhIGCO25KxAA
.tapad.com/ Name: TapAd_TS
Value: 1667825426679
.tapad.com/ Name: TapAd_DID
Value: 10f90be7-2fc3-48af-b44a-471735ad387f
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6175201927420910676&KRTB&23263-6175201927420910676
.casalemedia.com/ Name: CMID
Value: Y2j-EOPXzZ1yIvSljRgADwAA
.casalemedia.com/ Name: CMTS
Value: 4926
.casalemedia.com/ Name: CMPRO
Value: 4754
.dotomi.com/ Name: DotomiTest
Value: 167d5ef7982920a8
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&5a53d068-037c-46de-80e5-35e291515ac7"
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2842:u=1:x=1:i=1667825426:t=1667911826:v=2:sig=AQEiesKXGYdFa38wBc50HZQiYFmbkHhp"
.tynt.com/ Name: uid
Value: LTSFWGNo/xOBrGPCLSSSqg==
ads.playground.xyz/ Name: connect.sid
Value: s%3AY46r9qAVjYmaiRLTULlordVW-ydEKZnS.ddTDI72NG2qu6GNWBneNxdNRkk2W1P1lLQNUiaNWs9U
.rlcdn.com/ Name: rlas3
Value: HFq4gmTv2ZvAkitaU/B801RyC0t/CVGfJnUDXFelbas=
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2666033777751808314&KRTB&23150-2666033777751808314
.bluekai.com/ Name: bku
Value: fEy99OwdSswf8XRh
.bluekai.com/ Name: bkpa
Value: KJy9v9eUd02pSUHknpWNBEAlwtkAwEHiztH3zU5hRZBMKekh5c5g1ZhhKZXpj7De9O/OeMT=
.dpm.demdex.net/ Name: dpm
Value: 27173276043960837581086499935030356105
.demdex.net/ Name: demdex
Value: 27173276043960837581086499935030356105
.pippio.com/ Name: pxrc
Value: CJP+o5sGEgQIAhAAEgYI7OsBEAA=
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAALmhe7Dh2e-gNIpIfVAAAAAAA&KRTB&22713-AAALmhe7Dh2e-gNIpIfVAAAAAAA&KRTB&22715-AAALmhe7Dh2e-gNIpIfVAAAAAAA
.krxd.net/ Name: _kuid_
Value: PL0FvJ4t
.amazon-adsystem.com/ Name: ad-id
Value: A7GS8uxegUislCHwnkXJ1zg
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1667825427329%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1667825427329%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1667825427329%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1667825427329%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1667825427329%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1667825427329%7D%5D
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 2a9a058f7981034767312131d10a4f35
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEq0TDQwtUgzt7QwNDA2MTczNzY0MjQ2TDE0SDRJMzZlAILkjP%2FCIBoKAC6LCZU%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIzvgvDKSgAAAXiQHe"
.media.net/ Name: visitor-id
Value: 3108270277444370000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.smartadserver.com/ Name: pid
Value: 5107663499214103132
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAC90k7G0f4AAB_tgSnQBw
.mookie1.com/ Name: syncdata_TAP
Value: 1
.linksynergy.com/ Name: rmuid
Value: 2218b310-3bed-4d17-a611-7e4f5f07a76d
.linksynergy.com/ Name: icts
Value: 2022-11-07T12:50:27Z
.undertone.com/ Name: UID_EXT_53
Value: 8BEF0174-B64A-4E0E-8223-1C141AF7A63B
.mookie1.com/ Name: syncdata_IOW
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 156696:4
.pubmatic.com/ Name: DPSync3
Value: 1668988800%3A226_245_201_197%7C1668384000%3A248_164%7C1667865600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1668384000%3A223_2_15%7C1672963200%3A69%7C1669075200%3A35%7C1668988800%3A8_56_176_5_3_220_189_22_179_107_204_234_71_238_247_96_7_231_54_233_165_209_13_99_21%7C1668643200%3A63
.openx.net/ Name: pd
Value: v2|1667825424.3|lYvOiajEiuuIlQkalUhI.vysnrAjIpMvGvAkqvHsP
pool.admedo.com/ Name: tuuid
Value: 5a23bee7-cf80-482b-83af-8635d41aecd9
pool.admedo.com/ Name: c
Value: 1667825428
pool.admedo.com/ Name: tuuid_lu
Value: 1667825428
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z9~285o:175w~285o:1969~285o:18z8~285o:18za~285o"
.blismedia.com/ Name: b
Value: 6368FF148519449BB0BC2325BLIS
.anotepad.com/ Name: __qca
Value: P0-929662524-1667825424379
.rubiconproject.com/ Name: audit
Value: 1|5VjrwXSftGn7MMxp48CFk2mX3QMp0EhB3p2tosNHu0OgPkpb7mceI2JwujrnVHXxiWRlOWdrS2OM1KxoLazIt6NWShwHx7KI6rocrMY9/A/bqWMcc5SkbH2xuYqJQwiV1OVM6IOFW4aBaLNgxWbfIYMXf57b3q4YWkSB3vEDad11lSmgR8yx1M9sdGeFC9lF
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7476
.contextweb.com/ Name: V
Value: hLq5f3lwIBXd
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1h3j|7dN.0.AAC90k7G0f4AAB_tgSnQBw
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4573ee8e9adc8c79
.mookie1.com/ Name: syncdata_NEU
Value: 1
.undertone.com/ Name: UID_EXT_54
Value: 0cedcec1-0595-4a97-9e3c-1b0a7c3569e7-6368ff11-4e5a
.semasio.net/ Name: SEUNCY
Value: 3D1D422D89C7D5
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-fc240e64-2c43-4293-a491-f4a75f6549c2
.w55c.net/ Name: matchopenx
Value: 5
.r-ad.ne.jp/ Name: r_ad_token
Value: 51LCoT007BDAY008SkuH
.agkn.com/ Name: ab
Value: 0001%3AiyvYmCUip3SCs54h8Po72%2BgslPjM9R7a
.ads.yieldmo.com/ Name: ptrbsw
Value: fc240e64-2c43-4293-a491-f4a75f6549c2
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCMjKicSVsqA7EAUSFQoGY2FzYWxlEgsIyOXXy5WyoDsQBRIYCgliaWRzd2l0Y2gSCwjkhK3clbKgOxAFEhQKBXRhcGFkEgsIjp2R4ZWyoDsQBRgBIAEoAjILCPL-qZ2ssqA7EAU4AVoLYWRjb25kdWN0b3JgAg..
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004%22%2C%22nxtrdr%22%3Afalse%7D
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYmlkc3dpdGNoIjp7InVpZCI6ImZjMjQwZTY0LTJjNDMtNDI5My1hNDkxLWY0YTc1ZjY1NDljMiIsImV4cGlyZXMiOiIyMDIyLTExLTIxVDEyOjUwOjMwLjAyODI4NDg4NVoifSwib25ldGFnIjp7InVpZCI6Ik8tb1J3ellRWEd6RjRDempuVlVmVFpGX09SUS1fS0lCUDVDRHkyWS00bVUiLCJleHBpcmVzIjoiMjAyMi0xMS0yMVQxMjo1MDoyNC41ODYwNjY5MTVaIn0sInNtYXJ0YWRzZXJ2ZXIiOnsidWlkIjoiNTEwNzY2MzQ5OTIxNDEwMzEzMiIsImV4cGlyZXMiOiIyMDIyLTExLTIxVDEyOjUwOjI5LjAzMTUwMjkxNloifSwiMzNhY3Jvc3MiOnsidWlkIjoiMjEyMDI1Mzc3MjU3MTkyIiwiZXhwaXJlcyI6IjIwMjItMTEtMjFUMTI6NTA6MjcuOTgxOTMyMTc4WiJ9fSwiYmRheSI6IjIwMjItMTEtMDdUMTI6NTA6MjQuNTg1OTQ2Njg5WiJ9
.pubmatic.com/ Name: SPugT
Value: 1667825430
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004&KRTB&17107-RX-d198bfc5-cb4a-4f60-b1da-4878327bd77c-004
.pubmatic.com/ Name: PugT
Value: 1667825431

9 Console Messages

Source Level URL
Text
javascript error URL: https://anotepad.com/notes/32ay37df
Message:
Access to fetch at 'https://api.floors.dev/sgw/v1/floors' from origin 'https://anotepad.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.floors.dev/sgw/v1/floors
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://anotepad.com/notes/32ay37df
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=106' from origin 'https://anotepad.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://anotepad.com/notes/32ay37df
Message:
Access to fetch at 'https://api.floors.dev/sgw/v1/floors' from origin 'https://anotepad.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.floors.dev/sgw/v1/floors
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

126b847860f6d44768794826a7cbca66.safeframe.googlesyndication.com
a.pub.network
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
an.yandex.ru
anotepad.com
apex.go.sonobi.com
api.btloader.com
api.floors.dev
api.rlcdn.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
bk.r-ad.ne.jp
btloader.com
btlr.sharethrough.com
c.bannerflow.net
c.pub.network
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
cc.adingo.jp
cdn.adnxs.com
cdn.anotepad.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.indexww.com
cdn.undertone.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
colossusssp.com
core.iprom.net
cr-p1.ladsp.com
cr-p3.ladsp.com
cs.admanmedia.com
cs.emxdgt.com
cs.nex8.net
csync.loopme.me
curvedhoney.com
cw.addthis.com
d.adroll.com
d.pub.network
de.tynt.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ecs.mantisadnetwork.com
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
id.hadron.ad.gt
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lax1-ib.adnxs.com
m.addthis.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.rundsp.com
match.sharethrough.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pippio.com
pixel-apac.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.yabidos.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prod.uidapi.com
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
s2s.t13.io
s7.addthis.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.connextra.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.bluekai.com
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
v1.addthisedge.com
v9999.adv.admeme.net
www.google-analytics.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yieldmo-match.dotomi.com
z.moatads.com
api.floors.dev
api.rlcdn.com
btlr.sharethrough.com
cs.admanmedia.com
cs.nex8.net
fastlane.rubiconproject.com
grid.bidswitch.net
match.rundsp.com
oajs.openx.net
s7.addthis.com
sync.go.sonobi.com
103.229.10.171
103.229.206.240
103.231.98.193
103.231.98.194
103.231.98.196
103.231.98.197
104.16.118.195
104.16.12.64
104.16.201.58
104.17.119.107
104.17.25.14
104.18.12.76
104.18.13.76
104.18.16.107
104.18.18.126
104.18.19.126
104.18.20.206
104.18.25.173
104.22.52.86
104.254.150.228
104.254.151.69
104.26.3.70
104.26.6.139
104.26.9.50
107.178.244.193
107.178.254.65
108.139.243.47
108.139.243.7
119.9.108.180
13.107.42.14
13.228.105.246
13.228.240.119
13.228.50.99
13.229.186.111
13.250.173.68
13.250.192.86
13.33.88.32
13.33.88.61
13.33.88.71
13.33.88.81
13.49.167.89
130.211.23.194
139.162.58.205
139.5.84.243
141.95.98.64
142.250.4.94
142.251.10.102
142.251.10.157
142.251.12.148
142.251.12.154
142.251.12.155
142.251.12.97
151.101.129.108
151.101.130.49
172.217.194.132
172.217.194.94
172.253.118.149
172.253.118.157
175.41.187.173
18.138.18.111
18.155.68.53
18.155.68.67
18.176.234.133
18.177.178.108
18.177.223.79
18.177.254.176
18.178.91.110
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.27.123.25
185.84.60.30
195.5.165.20
2.20.137.181
202.131.200.84
202.241.208.54
213.180.193.90
216.22.3.241
23.106.127.52
23.106.127.53
23.15.148.136
23.36.252.26
23.66.153.10
23.72.44.183
23.72.44.196
23.72.45.156
23.73.13.201
3.1.14.27
3.114.121.152
3.22.200.52
34.102.146.192
34.102.253.54
34.107.140.113
34.110.181.170
34.111.151.213
34.117.239.71
34.160.110.8
34.202.80.64
34.227.51.174
34.236.45.231
34.96.105.8
34.96.71.22
34.98.64.218
34.98.67.3
35.186.193.173
35.186.253.211
35.190.60.146
35.213.117.18
35.213.12.39
35.214.236.176
35.227.202.26
35.227.238.208
35.230.38.116
35.71.131.137
35.84.109.80
38.91.45.7
42.99.128.161
50.116.239.135
51.79.234.101
52.220.14.31
52.220.237.110
52.36.23.219
52.41.79.126
52.46.128.147
52.74.13.196
52.77.9.69
54.188.185.41
54.192.150.46
54.192.150.55
54.239.38.253
54.65.116.136
66.155.71.149
67.199.150.85
67.199.150.86
67.202.105.21
67.202.105.31
69.173.144.139
69.173.151.100
69.173.158.64
69.173.158.65
72.34.250.78
74.118.186.45
74.125.130.95
74.125.200.155
74.125.24.103
74.125.24.132
74.125.24.154
74.125.24.156
74.125.24.94
74.125.68.157
74.214.196.131
80.77.87.217
89.207.22.108
96.16.116.154
00a1081b52175533a7f3b857f50cd13add6909e438464b56998e51d827ada440
028d7cd3987974616649498c65086f6e0f06827872182f1030f8f78fd4e496ce
02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7
035633d67cd79df5553a58f4f0667fa7058346e228128a1191db1a0bb3081570
047dd419be81739b93d085506e9be73a9260b4d8d8b99ce303fdb16ea56bb859
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
052416fc677e49401ffe6d1cb8724a14f2069bafa6f19d1907512c4bcc8c39b7
05252893101c3ec933ceb617e8c9ea6333b520eee5d92e8ab1d5306d9d0259a3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf92f80f4362c5adbec23a97e8d15461dbb44813683d4e11d5888a1f6614439
0cb3eb7bd6128f24d1e6fd51de62a61a1049d43a62f8e8d283644745df3581a3
0f0f3b998098773e2c44efc426ddf2389b690e652fee53b2dcc0686bc96cffd2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fcf527503235e9d6f35287613b1d3e9163c9f662bf56fe8d47f6ba3d0eb840
132ea8bc4c7a458faa8538e9aef2335177a9e263a0647d8f8de3d9b8066234b2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
195610547f8166486be5983375136c1d5f08c4bf2b06bc6ba3a38bc6cf31d264
19f6a5101e396e7c3c44065290afaa0c1d1451aad07d85525ea95111c14419cf
1f848d12e0c73ffe76cce049dd372c19fd257214e8ec43be66bd27a4d335837f
205bd8717c5f2dccecd218321d9b43d38442b058e4ee406ca0aa9cc190a83644
2296c439f6a4b9f66707b62b3ada8300805671d83ffbf9a0245387f47e2311c3
23022383b3a03da01e4f749f771683df24f78b51c5e8bc405badf9f670d6601a
239ab2e68c75eab8347c993ab885a04b50d95c81294f51cc09a0d2ae1c8d3e26
23ecb90e3e2d336112f7039913d3b5d7b5f10b75350503568afa89a8a71f4eea
243ffb98099f4879764870b76b08cf1d85731b18d05c1b84fd4068af8af780c6
244048e73946a6788e9376e826d4717d50bdaeff7ab1be560fcdaa43f3864163
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae3b1224d2c754bd0627c99c168f2a55f0b7245e03dd9148959142a5b29c95a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300352443c8d9c947a3c1ef669ea2e3180f477a6f239542dc98ad5563dfd8ef3
30b4213756ebdf11bb064efea6d2e17d02825331c505206204e977ec74425aad
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
334e4750fcb60ad4b702751b718cd9150b001c98dea005663c45e829f9639932
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
39c1cd3d955799c71f8f85a01290ff02425b3b92340a8f83d46213fd65050183
39f7934cd70665d8b0d270a08c39d99801879ef8ece0d3c94f0b48cb9597ba21
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3baa098d18318635306ba697d04cf9cce6894d1e9aa7202b05987960f7f3ea40
3c40c45207cc232e950fa315466932e038f95d51724aa6a2d1de8f95361bae55
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e93cdb9deb91dde983b9d33949f1ba15d63e6206cac33222c9ed5db2a57d2c5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43e399173b9ddf3830d183bb26779b709322b8dd9ba52ff56fa8226c42d76aff
442a9b031afd1f2ce0f3952d288c522c35ee3f1c924ac0303cff18f139e01bbb
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dd068220961196933d80c89fa84869998c1c53cd17fd6ceae554b0db98375e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491899a54e4cbe3dc68e02a98dac091406d625c1a7ed140788d7774d9b977749
49309e5aeccd601a6720ba553a17ad61c1f3f740de90ca6c3ab9304867c0ddc8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5926d838ace2aa240041e7281e72790fde1f2310b705c5e8f85af72a66e5df
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4d19ba68a2d3c490f7586659e9db596c80cccc6752e00f02c4e2bf8f4b84af26
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d621a2a8897ad3e6f3dcac6c188926f5db6ac256b62aea1826cfdfc4fd01069
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f970364ff0e0256fe3c5f2faf96150728351896c893541a14b49913ea655b55
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50686ac2fd26f59c9275f2f099d25641b6bc1cf84316ae96c6643322dffc1401
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c8ecea2c87a14b6ba5bd162863634b5101a9eeafd543caf83263070ca89d65
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c2de1085f64f34299ff633e3602a2ec6bab4291dc43a4f8a602deab2a147d7
5822d0ff4fa90ae57908ce1f5def152e4a7df89a0071e054ed7e89fbfbdb1c4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dc0855f082f5c9a1f2993fd2a0ab84a9c0e57f59881ffd7330578ec1cc294f6
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627fb1d7694d9869a132649aaf77979f421ef71bb44937972e344eef80fc6d66
6349e42906d89f34f676a25488e843370e7e0297de183bc3f7ca8fd1bae42415
639c95855066c8a809098256e9d8a24825b2b91cdeb043f00d44bac1f30556da
648fc80b8c1782160d9670352167f863d2ee3e41bc74bab4b18f879608c8f053
65622e9d48714f0fffd17f51dc0bf5bf1ca784c7225a6ec451ffda1307e05b51
65932199ad7eafa8f42880a9d8f7b24d148aa99b110869670aada0b9446e2798
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6959776a32569e23a433062f212859d20286c6268416e2eaf2865b721e3013b6
697e4ad2c6a3705c5fec2202b39f7b6da877b9032fd982340968bcbc58f0d57e
6982092054422f63675ccddecd3de2b10d28d370daea0978b3945c8a2e7310ac
6a01cc8046306e9d3b8a28525bbfc6b6f7d595ea2c3fa34acf2568fb0b7a5487
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b85d52272bb7ec2e4a5c5594bc8b1a545d5adba6f1c5f2e4b746c2084929625
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6f5cb13f54997c6eb4c0a2be63c170b50bc1cae0599f5ba3d3dc710bcd9901d1
6f8676bf3bfc3de9d03230f9abe689eb43da147c6edf739526f98c50f9315356
71ada39cdf875fbf8701345113330ce40e3421244842fde2fb7932f1995239ee
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
71e991c91947feb894c8af47f2b280490f4e0b1333d93fe4ec7d15fff3ad5ba8
73f22d48c156344b9ce5b2ce74b83e832483968935b0efd5bd3df4e0fa675598
74784c8ab69c6047979ebc2810538e6d706b197ab1b7ead8492f8c3b269dab0c
750bf0a9c440cc5b1842544a00d9424bc8d05bc2124836d007042421826c41a6
7682bcc947ed46991d9f51f30997d4a59e7a9215e5a419a1e354b6300ae735e1
7879b6a7897077d50bf41c9afd92664e4b47b3751a0ed2121a5bdc3a10baddec
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b5a56411c2ffe630e1d471ad9202552551f300c7a840d481a69eb870fae5e4d
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d4e5ddbeeff214799c4f72929f3e46b96bd0db766ee246353a9bc4029459f1a
7e049faa4be15aac6c609c9af83675c89dd1ac32533f288157dc3b6a58ca2c9f
7ee4abde9d3ff80cf0c276af8d2f5cc75f90c55d3a88fa09008b04dd6c5c13d0
7f59045c7c08d7f2c81801abe86b9a628798505db3708578e3969240cb7b702c
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0
823736c869c5514fd03b3a93b6f7269f7db916894fd8d8a407abd3c3f8d435a3
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83082bb4bb6a5e5d829a8b5eed8d7b3f7376cd124713a42d485dde21c26454cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8424b4bf4e834f2a02cb806736c6f233efe100be5debe5d40200932e2b5d4dac
84d8eb6af559cc3d679dcbbdc021f2bcd43b699edaf99c7443b0e30c1e65e205
85225421ee8cd63e2d4cc4a33f5142f7d87f73eed2642866e01a68e641734308
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8940d185bc7be361a9af531b1b9130f6b4bec98d8f7a38f79d9ed966113b1029
8ccfc550c0f227d025190ddbd55abb5de07e0168ebdd27d02e5ce886fe64dcd9
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd
8e7365e13e3fc947115dcb143739bb407c8c90a8fcc950e2756f8cf1033ea15b
8e9fc5b2cab42ec75725533f43650c99a97d3d721e2fcfaaae999aee9bbc1dde
93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298
9686e45f0a8b2b98219b4722574e7b816378f09a94b9bb819bcd450d4210cfe5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10a5768f359b6049db53f3771864d770b1da81dbbcddb9785a5f31105d9de16
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2cc20b3508f79cbefae2632d9757a11d0380fae0884dc1f743fa33d6a970642
a33084b0430d0aa46ba1c806d614bab52aa16868d848c6cff2d5c6fff613b8b1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50e0c1a8c365c6c37ecf497333b3b03ddfcee3978b81100eca6461f75f6f71b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58e69205055c3fd815573937c61233dad7c83e41f3bd35b0cc67e78eaa17627
a685fab61803ff97f4a1e0b570ef3adfe9688670d96c86f25864fb6ba64b08ba
a6fa77e3cb4472bc0f034ddf6155c196c0b5574e33877675c60df2aa6750dcb6
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa9b104349488eae675c7bffc141d805121107e76a10f1215ef9f5069ea67d71
ab4b6f1b78cdb8006a9fb699606f009babd4613be85041eec986fe7bc7b3ae08
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
ac32938c6db02dbb2a25f17f91f7569896f7d3238c671177ab0f7335d258a536
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad750038357123d5eb30d8691fd2bf658a647e5539d87eceb4b2d61f0e284e69
af43363568ace4b57fe8219025d343fece66fa5367b394660003be87bb12bcb2
af58233354d9837a58e05c594f01be2ea6dcd7150d70a34aaf4cd2994f59e103
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d598cb92aa54d28e5d648b5ea6e9abbdec81fe68a0001a654f5761762c64e7
b22985e70370df24230b8e906631c7fca30d8b251232d20be31b107228fd1903
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7dcbe28cf7fe73b58707b6b1f81d9fa7d3bc3dd37a6f4cd256a5c88a87fafd5
b93e0d4020bef9eb50ebf04a4436f91ed71af0feb36e598d2b9826eb2ed88e0d
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd1081ae39df66501afa8df86d726ab3bedc52fc5f73f78eb6a6060f8bcfd56f
bd39f6888cce7126d5163d60fe8dcdcdd861f9563c49992d6d08c835349fb56b
bd84251842459aec583a2cbebc00328444bb4835fdfccbe46f8b4cb3ae33e065
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
beabe065ca7212bcc65b1f83045ecbfcfd350318d2172b0d7a0437027c31ede1
c1b10d4a6e077f317e6ff7e03854087ce4d004cdff1c8ed683d26b951aa3b622
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25b1b927e6423cbea6f83f9b47770117c8ceb0aaab6ecec85c43bfddd46d0d6
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4b3da07d9bd9970f444b2288c34dcde72cbc4278ffae9524c6a19c2f5255c43
c4cbcc68d7a949e09034b1bdf19f4da6d9727b7f0d91bfaa146579d84d027f25
c56adf2fd448a470f4e93e715fe85dece3468f3071c05ed8692c1a0c83748139
c57a5d09de0dbb1ba5d0bb29f9a000421f6864ce225370baf16d01cfbf72b7bc
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781
ceb9ce93b2cb70a87cb0aa643b65df68a61d7aae793b4fc671dc43c7d47e0172
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08b654bbde3895f2aa76475df2a1b8ef409d4402a5ac58ad67adbf7fbd34ba9
d08bc37e61bd6df9b01a6e2571d67bd9dd5d741a22bfb5f0a3d0ecff71ed70e2
d14f4b0f7dc9f3ea3e33ab581346f75681ac5f6a35def70cbd8c1ee03a3478c9
d338942229ff300382b383f3fe0a3e9603511aea04491596f19855d3c5c95f24
d3e1669711b485803cf11f7b52b0bf81ba26604ea14e266f6cfc6a758fa2f25d
d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c
d5063b22e5e007930bc8e65d480e2bf5829183aebd7e0cb22ae6223a117f0bdc
d885d3a2a26cd29dc75166471b4ebc3b8c0eb9e5a6d5d348c6a1c0391b5f27f8
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da469c699a610f8af46c24c7c12c7e93766498d7fc9becc5ea61a9bf2bc6e438
dbac848192e838123fd05c4dafd8a3e350f9d34cbe3794b7feb8d49e3a472702
dc0a663389200c5c44fc2389dbcd17ac03a7c8d51e39f8468c590c0a047318c9
dc188663cff3c3a63b6ea5485448eb873694318dae8fa048678662373971dd26
dd270db44ecccdf58e57182aa8197e42b24a93b45fcd9700cf3a8625e726c714
dd529a89ac4b7c0a162934abb5dda7432d8cb15f0c2bd59e9976d987231ecfd1
de051b98a931762f4fdb33f675a5423da6e27a3037bca5d200871422fad549e4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de81fd4c33bd08263cc0ed66a844ad8a147c15aeed23509ffe69cb6cc6968414
dfeb455a294c606d60a74ee84ad48cad06e7aaf943c792f9250e4a90ae5ddefc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c26b7d466791298e4d0710cd239d1af926af50f20f140dd66de5dbb96b015d
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e729caf6afbc1ae8cd10848c3aa5bd8f75301b3c017860ee104ea00bfc29e904
e99607d3e6c97d4724e598bea4800eab936d1ca0eb7500c57d95617f94273ba7
ea0d7f3221f146e4bebf1f6d2d88e20034678a4383e48187bbc1d75462be6643
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecba68e0d565219c117d5b851f2f6d60847655f1502e49aa83eeac8d4e3ede7c
ee02f3067b0e2b082aef93be179c0ca1e2a3204c78a610ca6189174db5ba04f8
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07f8d1127f4f78258897b6248772fd08b78c096b1cb0a167815b4a49c1dd294
f3ced260cba8dbd420fa2a127062350d681174c4ed26cdf80ce1c64014b7694f
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f613fc898027e01e4c9285fc8b189e14fe34bc33dd65650adb1170e87c7bf5d7
f8d47fbea9e025346a0ed19a739b08b214dc0dd99a7f6a82c1725b3381776218
fb1f8f3374929873577fca8654c82090c9d496cdfa3d44d1c6621f65b2789cd6
fe7d3629df2573982a89639c7f273039095ba42bf6c2d6ab00af2ffa0539e567
fe7d779bde3fe41e0cf7475ecd80fe7d497371f31b90cbc900657ca48d262670