www.edocr.com Open in urlscan Pro
34.197.251.127 Public Scan

Software

/ Express

Resource Hash

743317e140ff9bb0811b5d611ed32d02ae673c6a47827c112b614092caf5ff41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Connection: keep-alive
Content-Security-Policy: frame-ancestors 'none'
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
build-number: 3056
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 23 Jan 2023 01:56:47 GMT
etag: W/"116e-wFLPin73lNcANie8+6AQUnb5HpI"
strict-transport-security: max-age=31536000; includeSubDomains; preload
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 196
Content-Security-Policy: frame-ancestors 'none'
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
build-number: 3056
content-type: text/html; charset=utf-8
date: Mon, 23 Jan 2023 01:56:46 GMT
location: /v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
x-powered-by: Express

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 833ms
287ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6933461940627641

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66c4657becd3540df07331e0684df020978a352e6a3b116f3e08c11f495121fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Origin: https://www.edocr.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49617
x-xss-protection: 0
server: cafe
etag: 900684285010315469
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Jan 2023 01:56:47 GMT

GET
H/1.1 200
OK main.00f291007fc7948c83c0.css
www.edocr.com/v/static/ 2 KB
2 KB 349ms
349ms Stylesheet
text/css 34.197.251.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/v/static/main.00f291007fc7948c83c0.css

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.251.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

/ Express

Resource Hash

65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
content-encoding: gzip
X-Content-Type-Options: nosniff
date: Mon, 23 Jan 2023 01:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: Express
transfer-encoding: chunked
Connection: keep-alive
Referrer-Policy: origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 10:10:41 GMT
etag: W/"814-185c98258e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
build-number: 3056

GET
H/1.1 200
OK bundle.js Show response
www.edocr.com/v/static/ 5 MB
1 MB 351ms
351ms Script
application/javascript 34.197.251.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/v/static/bundle.js

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.251.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

/ Express

Resource Hash

d647563f1557996f828a0e749886773bb425e69f2fa4b53579aa3a8a2da1033e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
content-encoding: gzip
X-Content-Type-Options: nosniff
date: Mon, 23 Jan 2023 01:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: Express
transfer-encoding: chunked
Connection: keep-alive
Referrer-Policy: origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 18:49:20 GMT
etag: W/"5652f1-185cb5d331f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
build-number: 3056

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 820ms
272ms Script
text/javascript 142.250.4.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 23:57:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 7163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Mon, 23 Jan 2023 01:57:24 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 274ms
273ms XHR
text/plain 142.250.4.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=898922709&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&ul=en-us&de=UTF-8&dt=Mojang%20Bans%20Brands%20from%20Building%20Minecraft%20Promo%20Maps%20And%20Mods%20%7C%20edocr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2097423716&gjid=1453384252&cid=695047994.1674439008&tid=UA-160144-46&_gid=1982251586.1674439008&_r=1&_slc=1&z=1157817916

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edocr.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edocr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ 358 KB
118 KB 859ms
314ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6933461940627641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f37aa4c1d6f1585df818296a250a89d53030c7c4b559e13332fbe9a256a4d6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120544
x-xss-protection: 0
server: cafe
etag: 9913866819930570398
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Jan 2023 01:56:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/ Frame 4FE7 10 KB
5 KB 824ms
273ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6933461940627641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 19968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 20:24:01 GMT
etag: 10353107486223812946
expires: Sun, 05 Feb 2023 20:24:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 857bqmz0 Show response
www.edocr.com/api-user/viewingSession/ 2 KB
2 KB 523ms
522ms XHR
application/json 34.197.251.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/api-user/viewingSession/857bqmz0?isEmbed=undefined

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.251.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

47b5b0820a4476cf688d65b7acbbce64fa051cb12d42b072355bb85a36630c1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
content-encoding: gzip
Referrer-Policy: origin-when-cross-origin
date: Mon, 23 Jan 2023 01:56:50 GMT
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"9b1-b5wQeo5ba1je3K8GKvcG+/pYDps"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
Connection: keep-alive
build-number: 3056

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
327 B 275ms
274ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.edocr.com&callback=_gfp_s_&client=ca-pub-6933461940627641

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9521717f6641f424f2f0470942442d0f805b2ec83120e8a042c61df8802768b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.nz/adsid/ 107 B
792 B 821ms
274ms Script
application/javascript 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.nz/adsid/integrator.js?domain=www.edocr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 822ms
275ms Script
application/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edocr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 274ms
274ms Image
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 275ms
274ms Image
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&tn=HEADER&cls=MuiPaper-root%20MuiAppBar-root%20MuiAppBar-positionFixed%20MuiAppBar-colorPrimary%20jss2%20mui-fixed%20MuiPaper-elevation4&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EE0 0
188 B 350ms
349ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1674439010&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674439008495&bpp=3&bdt=1239&idt=1859&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5835459438035&frm=20&pv=2&ga_vid=695047994.1674439008&ga_sid=1674439010&ga_hid=898922709&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44781117%2C31071663&oid=2&pvsid=188906562703787&tmod=1144356411&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1881

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:56:50 GMT
expires: Mon, 23 Jan 2023 01:56:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 919E 436 B
509 B 675ms
675ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=8628223775&adk=2306401753&adf=2492855624&pi=t.ma~as.8628223775&w=350&lmt=1674439010&format=350x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674439010721&bpp=4&bdt=3465&idt=-M&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49d499d0f3ab225f-22cf164263d900bf%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_MYTL8LI_JLLHHp3mrCYKWv2untnBg&gpic=UID%3D00000baaf93c19c3%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_Mbi3ReUM29FM0lKIhWoODRT4cRHig&prev_fmts=0x0&nras=1&correlator=5835459438035&frm=20&pv=1&ga_vid=695047994.1674439008&ga_sid=1674439010&ga_hid=898922709&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-975&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44781117%2C31071663&oid=2&pvsid=188906562703787&tmod=1144356411&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=n41w3DkGGD&p=https%3A//www.edocr.com&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c68924df21314478d148594b941ebd69894b1984c7de457816c4a8a570a09bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:56:51 GMT
expires: Mon, 23 Jan 2023 01:56:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3597 436 B
531 B 434ms
434ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=3216936516&pi=t.ma~as.3952982610&w=120&lmt=1674439010&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674439010721&bpp=1&bdt=3466&idt=-M&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49d499d0f3ab225f-22cf164263d900bf%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_MYTL8LI_JLLHHp3mrCYKWv2untnBg&gpic=UID%3D00000baaf93c19c3%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_Mbi3ReUM29FM0lKIhWoODRT4cRHig&prev_fmts=0x0%2C350x250&nras=1&correlator=5835459438035&frm=20&pv=1&ga_vid=695047994.1674439008&ga_sid=1674439010&ga_hid=898922709&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=25&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44781117%2C31071663&oid=2&pvsid=188906562703787&tmod=1144356411&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ycOKdxeNfI&p=https%3A//www.edocr.com&dtd=39

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63a5c56dcb8887aaa25068f564d9027e3777a590fe34d87e81f08849c7eb774a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:56:51 GMT
expires: Mon, 23 Jan 2023 01:56:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABBE 35 KB
16 KB 475ms
475ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=2068165500&pi=t.ma~as.4103433139&w=300&lmt=1674439010&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674439010721&bpp=1&bdt=3465&idt=0&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49d499d0f3ab225f-22cf164263d900bf%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_MYTL8LI_JLLHHp3mrCYKWv2untnBg&gpic=UID%3D00000baaf93c19c3%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_Mbi3ReUM29FM0lKIhWoODRT4cRHig&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=5835459438035&frm=20&pv=1&ga_vid=695047994.1674439008&ga_sid=1674439010&ga_hid=898922709&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44781117%2C31071663&oid=2&pvsid=188906562703787&tmod=1144356411&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Zz4OkDFDv7&p=https%3A//www.edocr.com&dtd=43

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0b6bfc2702a08ced55782f2b2e5d90f08eb102ad656cee1dba3825d9f05ed95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 15864
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:56:51 GMT
expires: Mon, 23 Jan 2023 01:56:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK restrictions Show response
www.edocr.com/pas/v2/ViewingSessions/OdcaPOeuwx9Gh2B9qTfQkL1HaISkUF0IOck3Dp87qS8Q16VuJkKUJGMUYesGyseONLWnX-iNglaEY7hUAVBQxocomvIglpowEJP6Z1Ku_K5nG09e4k2qVViHtG8nF7Wk_Z8KKFjpRqwy-OlPI9yqMG6QUosX0O8p... 226 B
787 B 482ms
482ms XHR
application/json 34.197.251.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/pas/v2/ViewingSessions/OdcaPOeuwx9Gh2B9qTfQkL1HaISkUF0IOck3Dp87qS8Q16VuJkKUJGMUYesGyseONLWnX-iNglaEY7hUAVBQxocomvIglpowEJP6Z1Ku_K5nG09e4k2qVViHtG8nF7Wk_Z8KKFjpRqwy-OlPI9yqMG6QUosX0O8pR2lk9G7E59c/restrictions

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.251.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accusoft-Gid: 6ZCmGDTIQciqbRPw2QUawg
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accusoft-Parent-Name: ViewerControl
Referer: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m
Accusoft-Parent-Pid: 0
Accusoft-Parent-Taskid: 0

Response headers

Content-Security-Policy: frame-ancestors 'none'
content-encoding: gzip
X-Content-Type-Options: nosniff
date: Mon, 23 Jan 2023 01:56:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
transfer-encoding: chunked
Connection: keep-alive
pragma: no-cache
Referrer-Policy: origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *
build-number: 3056
expires: -1

GET
H/1.1 200
OK clientFile Show response
www.edocr.com/pas/v2/viewingSessions/OdcaPOeuwx9Gh2B9qTfQkL1HaISkUF0IOck3Dp87qS8Q16VuJkKUJGMUYesGyseONLWnX-iNglaEY7hUAVBQxocomvIglpowEJP6Z1Ku_K5nG09e4k2qVViHtG8nF7Wk_Z8KKFjpRqwy-OlPI9yqMG6QUosX0O8p... 2 KB
2 KB 446ms
445ms XHR
application/pdf 34.197.251.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/pas/v2/viewingSessions/OdcaPOeuwx9Gh2B9qTfQkL1HaISkUF0IOck3Dp87qS8Q16VuJkKUJGMUYesGyseONLWnX-iNglaEY7hUAVBQxocomvIglpowEJP6Z1Ku_K5nG09e4k2qVViHtG8nF7Wk_Z8KKFjpRqwy-OlPI9yqMG6QUosX0O8pR2lk9G7E59c/clientFile?accept=pdf

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.251.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

f96a986742b168d3211e62a4b0525fc0d77348660d5e3ecdb5e9dd8e4144bf88

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accusoft-Parent-Name: ViewerControl
Referer: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m
Accusoft-Gid: ySoZGAxZc7czMwzFY9x6Vg
Accusoft-Parent-Pid: 0
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid: 0

Response headers

Content-Security-Policy: frame-ancestors 'none'
date: Mon, 23 Jan 2023 01:56:51 GMT
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
transfer-encoding: chunked
Connection: keep-alive
Referrer-Policy: origin-when-cross-origin
server: nginx
access-control-allow-methods: GET
content-type: application/pdf
access-control-allow-origin: *
cache-control: public, max-age=18000
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *
build-number: 3056

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241

Request headers

Referer
Origin: https://www.edocr.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
BLOB 200
OK 01d8830f-b29f-44c5-a312-b8b10bc2ceec
https://www.edocr.com/ 1 MB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.edocr.com/01d8830f-b29f-44c5-a312-b8b10bc2ceec
Requested by: Host: www.edocr.com
URL: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 382bc641ce5c628902c7b373806537d7b93fa7fff3ae5774e3ed9241ceb614cc

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1408036
Content-Type

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABBE 0
0 284ms
283ms Fetch
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgO3KYunNY8LaNvec9fwP54ylqA6s1_3wZLT2qJPiC8CNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi02OTMzNDYxOTQwNjI3NjQxyAEJqAMBqgSCAk_Q6pKFuOVzfvB8G9XNAwxMCUX_FLRNniIj7DyA1TQxTQ5d-g672817l5qF9-Fzuu_9oWEyj63LZfOrE9CdAWIxZ7jr88yZER2QYT4Fb7FvR_RflQPBYkqi0XsE8IClGvsHgtxBnqP-2St7t_-rppQkkCIrel8XiRywD9bj6pvHvrbJcLDudxOU1g3vKo-oK1WXB8rZipMQ2P8v6tYl240baC8ScNqfDNUrPAwaHsr3yhVh3z2nisaIWShLRm4FSg58Xut7hSbg9ib5GjojDDKydGjZeb7sgL02vZe04ewqRwHzglegQDVcb-NexplSeQamImczQbeufo1lUNmoAbaf_4AG2uKxnsqS9rs0oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjkzMzQ2MTk0MDYyNzY0MRgA&sigh=BKEHg3DIktY&uach_m=[UACH]&cid=CAQSOwDq26N9kDFTGsx9-eCEbBbo_byjKDwRjW47zG04Wh7tkrqo4fezuIEGqd7KAABhc6zXqJ5CTSU4QKb4GAEgEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=2068165500&pi=t.ma~as.4103433139&w=300&lmt=1674439010&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674439010721&bpp=1&bdt=3465&idt=0&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49d499d0f3ab225f-22cf164263d900bf%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_MYTL8LI_JLLHHp3mrCYKWv2untnBg&gpic=UID%3D00000baaf93c19c3%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_Mbi3ReUM29FM0lKIhWoODRT4cRHig&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=5835459438035&frm=20&pv=1&ga_vid=695047994.1674439008&ga_sid=1674439010&ga_hid=898922709&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44781117%2C31071663&oid=2&pvsid=188906562703787&tmod=1144356411&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Zz4OkDFDv7&p=https%3A//www.edocr.com&dtd=43

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a125-56-225-45.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=2068165500&pi=t.ma~as.4103433139&w=300&lmt=1674439010&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674439010721&bpp=1&bdt=3465&idt=0&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49d499d0f3ab225f-22cf164263d900bf%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_MYTL8LI_JLLHHp3mrCYKWv2untnBg&gpic=UID%3D00000baaf93c19c3%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_Mbi3ReUM29FM0lKIhWoODRT4cRHig&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=5835459438035&frm=20&pv=1&ga_vid=695047994.1674439008&ga_sid=1674439010&ga_hid=898922709&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44781117%2C31071663&oid=2&pvsid=188906562703787&tmod=1144356411&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Zz4OkDFDv7&p=https%3A//www.edocr.com&dtd=43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 23 Jan 2023 01:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame ABBE 35 B
0 729ms
240ms Fetch
image/gif 125.56.225.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=1d2c0ecf0d5a408aaf54bc1f9febc520&bidrestime=1674439011011&cbdp=0.114&ogbdp=0.26&prvReqId=9457100050250_265197581_42717038513191&pvid=319&scrid=1700080807683300300025000039600&size=300x250&slotVisibility=1&viewability=93&app=0&cc=NZ&cid=8CU3SX34C&csip=rtb-common-istio-78b794d67c-6hpsc.SG&device_id=4&dn=edocr.com&itype=ADX&mang=1&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&dtc=apac_sg&zone=b&commit_id=97440901&ugd=4&ctr=3.3236394E-4&rme=nurl

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

125.56.225.45 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:51 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 23 Jan 2023 01:56:51 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame ABBE 35 B
0 1323ms
409ms Fetch
image/gif 42.99.140.144
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=aswift_2_expand&other_prv=319&jar_err=&current_day=1.0&adtyp=0&req_id=0eSuqlDPi_2ors0uxzIy5w&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=62.5854&exp=&deal_id=&fdbk_id=&second_bidder=*&search_res=56&floor_bucket=0.00&gpid_format=&seat=319&rc=-1&size=300x250&url_l1=v&f_seg=&url_l2=857bqmz0&prdp=0.1144&ogcbdp=0.2600&dfpbd=0.1144&server=1&ogerpm_wd_bkt=0-1&model_version=202301221227_generic_adx_2-cid_2&viewability=0.9300&dmm_r=0.6470&cut=56&dmm_l=0.6470&as_cache=1&tcyerpm=&sc=NZ-AUK&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m%2F&bidrestime=1674439011011&cc=NZ&strg=harmony&ss=&current_hour=1&time_stamp=2023-01-23+01%3A56%3A51&model_key=generic_adx_2-cid_2&rvshhon=&mul_ratio=0.0000&bdp=0.2600&ct=Auckland&akey=&mnckfl=0&asn=137409&bdp_bucket=0.25&algo=unison12&dc=apac_sg&dim5=000&splid=&dim4=exploration&erpm_mult=1.000000&dn=edocr.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=1d2c0ecf0d5a408aaf54bc1f9febc520&zone=b&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.8620&bdmm_m7=0.7470&bdmm_m5=1.0510&ver=9.1.3&totalTimeBucket=3&visibility=1&totalTime=3259490&dmm_m1=2023-01-23+01%3A56%3A51.013138071&e_rpm=0.2640&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.6760&cid=8CU3SX34C&bcrid=1700080807683300300025000039600&rawbid=0.2600&seat_id=319&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-istio-78b794d67c-6hpsc.SG&dfp_bucket=0.1&adblk=402904232&itype=adx&pvid_seat=319_319&cliIP=1952074240&advurl=topics.businessfocus.online%2F&level_base=0&crid=427170385&sat=1&br_id=265&cut_bkt=55&gpid=&iwb=1&dmm_d22=0.04&second_bid=0.000000&sc_pvid=319&capd=0&other_bids=0.26
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=2068165500&pi=t.ma~as.4103433139&w=300&lmt=1674439010&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674439010721&bpp=1&bdt=3465&idt=0&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49d499d0f3ab225f-22cf164263d900bf%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_MYTL8LI_JLLHHp3mrCYKWv2untnBg&gpic=UID%3D00000baaf93c19c3%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_Mbi3ReUM29FM0lKIhWoODRT4cRHig&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=5835459438035&frm=20&pv=1&ga_vid=695047994.1674439008&ga_sid=1674439010&ga_hid=898922709&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44781117%2C31071663&oid=2&pvsid=188906562703787&tmod=1144356411&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Zz4OkDFDv7&p=https%3A//www.edocr.com&dtd=43
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-144.pacnet.net
Software: /
Resource Hash

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:56:52 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 23 Jan 2023 01:56:52 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame ABBE 165 KB
57 KB 744ms
258ms Script
text/javascript 23.213.140.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-140-31.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1dd504aef5b11410d6733ef6d704d37c2f24fbd25aff069e21effb3b8fb47902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h: 8-31
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 23 Jan 2023 01:56:51 GMT
server: Apache
etag: "f96a7276fb2b7e623c61ad0a0e2579c7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-31
timing-allow-origin: *
expires: Mon, 23 Jan 2023 02:01:51 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame ABBE 61 KB
62 KB 753ms
236ms Script
application/javascript 125.56.225.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

125.56.225.45 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a125-56-225-45.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Mon, 23 Jan 2023 01:56:51 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=8673
access-control-allow-credentials: true
content-length: 62892
expires: Mon, 23 Jan 2023 04:21:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame ABBE 3 KB
1 KB 273ms
272ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 16:50:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 16:50:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame ABBE 18 KB
8 KB 819ms
272ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-213-140-31.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 16:53:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 16:53:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame ABBE 0
0 868ms
321ms Image
text/html 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPqtw3KH3zFaHH1YeAZ_EyShTUYeDsHT60O-CDwsjZvHUvRkVUtdKrw93yIEuoekCK2eDnbFMrYp-6SRPEe5Ey_Nytzg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=2068165500&pi=t.ma~as.4103433139&w=300&lmt=1674439010&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674439010721&bpp=1&bdt=3465&idt=0&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49d499d0f3ab225f-22cf164263d900bf%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_MYTL8LI_JLLHHp3mrCYKWv2untnBg&gpic=UID%3D00000baaf93c19c3%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_Mbi3ReUM29FM0lKIhWoODRT4cRHig&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=5835459438035&frm=20&pv=1&ga_vid=695047994.1674439008&ga_sid=1674439010&ga_hid=898922709&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44781117%2C31071663&oid=2&pvsid=188906562703787&tmod=1144356411&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Zz4OkDFDv7&p=https%3A//www.edocr.com&dtd=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f104.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABBE 155 KB
48 KB 823ms
274ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 01:56:53 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c39b8da49b4b191f00365068d8401cc38c6747b58dbb1a7f5aab9601504e201f

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 smtr Show response
contextual.media.net/ Frame ABBE 82 KB
30 KB 763ms
763ms Script
text/javascript 23.213.140.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=866743147&size=300x250&cc=NZ&chnm=HARMONY&pid=8POHZR87R&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&nse=5&vi=1674439011302431873&lw=1&ugd=4&adt1=8CU3SX34C&adt2=427170385&itid=17&bae=B4xNN/a4BB&bcpf=B4xNN%2Fa48fOnRrolnfOur8BB&bdrId=319&ntv=0&sff=0&katpre=1&katbid=-103&pgid=p087761068t202301230156&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR-tzTzq2cANvQ%3D%3D

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

271e670df7718b40e158e108371ad13cb5de2466c5cb08a32020347082f9bb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-56pv
timing-allow-origin: *
content-length: 30184
expires: Mon, 23 Jan 2023 01:56:53 GMT

GET
H2 200 bping.php
lg3.media.net/ Frame ABBE 15 B
15 B 245ms
240ms Image
text/html 125.56.225.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=615&&vgd_cdv=853&vgd_cage=3&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=866743147&vi=1674439011302431873&ugd=4&lf=6&cc=NZ&lper=100&wsip=2886993991&r=1674439012561&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=137409&vgd_rakh=1674439011163342462&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=427170385&vgd_pgid=p087761068t202301230156&vgd_pgids=1&vgd_uspa=0&hvsid=00001674439012558019520744488171&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

125.56.225.45 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a125-56-225-45.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Mon, 23 Jan 2023 01:56:52 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=73019
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2D9C 26 KB
10 KB 272ms
271ms Document
text/html 23.213.140.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-140-31.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3696e3f2798a0458e2b8d1265ea586b83a3444d0f9ca9814534248e2212ae915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: max-age=119982
content-encoding: gzip
content-length: 9546
content-type: text/html; charset=UTF-8
date: Mon, 23 Jan 2023 01:56:52 GMT
expires: Tue, 24 Jan 2023 11:16:34 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame ABBE 35 B
199 B 241ms
240ms Image
image/gif 125.56.225.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5516&lper=1&itypeid=17&itype=ADX&cc=NZ&cid=8CU3SX34C&reqid=0eSuqlDPi_2ors0uxzIy5w&vid=0eSuqlDPi_2ors0uxzIy5w&dn=edocr.com&rawDn=edocr.com&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NZ-AUK&ct=Auckland&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-78b794d67c-6hpsc.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=137409&sckfl=1&suid=CAESEGtZ7P6PRoa8aAJkMGS1wt0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvdde_Y9qfX5iZAyxkyGioQ7dyM1y6hOn9n3k7tDddx_CsiSh8biqE4rdO7PCDpi34X3Mq&pexid=ADX-pub-6933461940627641&geoll=false&is_ortb=false&s_ip=74.125.190.29&s_city=singapore&commit_id=97440901&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-01-20+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=NZ&ipcc=NZ&rtttime=22&pvid=319&prvAccId=866743147&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=427170385&prspt=headerBid&prvReqId=9457100050250_265197581_42717038513191&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.260&cbdp=0.114&og_cbdp=0.260&ogbdp=0.26&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online%2F&dfpBd=0.114&dt=O&dbf=1&epc=866743147&s=1&snm=SUCCESS&pcrid=8CUABW64L-866743147-4-12&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=93&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=319&brsrclk=0&bidrestime=1674439011011&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300300025000039600&strg=HARMONY&stagid=aswift_2_expand&vls=0&scrid=1700080807683300300025000039600&mang=1&pvdTmax=251&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&apTags%3C%3E=75&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUABW64L&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=300x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_UCC=1&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=0ba9489b10&acid=1d2c0ecf0d5a408aaf54bc1f9febc520&rtime=7.0&wsip=mowx-istio-556f588569-2f8m5&ltime=14.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=402904232&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=1d2c0ecf0d5a408aaf54bc1f9febc520_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=3.3236394E-4&ctr_vendor=EXCHANGE&rfc=-1&dfpDiv=aswift_2_expand&feedback_id=0eSuqlDPi_2ors0uxzIy5w&supplyTagId=402904232&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=14&debug_ts=2023-01-23+01%3A56%3A51&__expireat=1674439611265&mview=1&rme=adm&bdata=~bx_len%3D1496~bhp%3D0~bid%3D0.260~bx_agl2a_l%3D0~bx_asn%3D137409~bx_cs%3D0~bx_dcl%3D0.001~bx_epl%3D1~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_l2as%3D0~bx_lvmp%3D00000000000000000000000000000000000000000000000000~bx_ref_url%3D%40Lhz6grA1wm%2F~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000011~bx_size%3D300x250~bx_t_enabled%3D0~bx_t_exp%3D0~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DAUCKLAND~ck_fl%3D2~dc%3Dgcp-apac-se1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D0000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.04~dmm_d24%3D5~dmm_d25%3Ddef_new_mt~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d39%3Djson%2Fbid%2FgetOrtbResponse~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_l%3D0.041~dmm_m1%3D0.264~dmm_m10%3D1.000~dmm_m11%3D0.922~dmm_m12%3D0.676~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.014~dmm_m16%3D0.647~dmm_m17%3D1.000~dmm_m2%3D0.060~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.033~dmm_m34%3D1.000~dmm_m39%3D269.000~dmm_m40%3D269.000~dmm_m43%3D0.445~dmm_m44%3D1.004~dmm_m45%3D36.000~dmm_m46%3D6139.000~dmm_m47%3D133.000~dmm_m48%3D20081.000~dmm_m5%3D1.051~dmm_m52%3D0.930~dmm_m6%3D0.862~dmm_m7%3D0.747~dmm_m9%3D1.000~dmm_r%3D0.647~e_rpm%3D0.264~erpm%3D0.264~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_ip%3D116.90.74.0~r_sc%3DNZ-AUK~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3Daswift_2_expand~sgmt%3Dempty~std%3Daswift_2_expand~vbr%3D0~visibility%3D1~supply_tag_id%3D%7Eviewability%3D0.93%7Eamp%3D1%7Ecbdp%3D0.114%7Edmm%3Dharmony%7Esuid%3DCAESEGtZ7P6PRoa8aAJkMGS1wt0%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-6933461940627641%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D402904232%7Esobp%3D%7Ectr%3D3.3236394E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.260%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_2_expand%7Edetected_tag_id%3Daswift_2_expand%7Edcut%3D55%7Edogb%3D0-1~ibc%3D1~&utime=1553&sf=0&cpr=0.2271058207531771

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

125.56.225.45 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a125-56-225-45.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=3600
date: Mon, 23 Jan 2023 01:56:52 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Mon, 23 Jan 2023 07:56:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD30 1 KB
643 B 273ms
272ms Document
text/html 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-213-140-31.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 51700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 11:35:12 GMT
etag: 48472445140208031
expires: Mon, 23 Jan 2023 11:35:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ABBE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad341b31ad1c7839c4c188680da1d81ae09141c8451cdc33e2b01c73396acd84

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cksync
cs.media.net/ Frame 2D9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzE3NDQwNjEyNzQ0NDgzOTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELUH_dFWhV6D9LI9k-KlYW8&google_cver=1

45 B
446 B

270ms
264ms

Image
image/gif

125.56.225.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELUH_dFWhV6D9LI9k-KlYW8&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 125.56.225.45 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a125-56-225-45.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:53 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 23 Jan 2023 01:56:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELUH_dFWhV6D9LI9k-KlYW8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 2D9C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e18fa23-91f0-4fea-a283-358a32a93a96

45 B
450 B

267ms
267ms

Image
image/gif

125.56.225.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e18fa23-91f0-4fea-a283-358a32a93a96
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 125.56.225.45 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a125-56-225-45.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:53 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 23 Jan 2023 01:56:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e18fa23-91f0-4fea-a283-358a32a93a96
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 199

GET
H2

200

cksync.php
contextual.media.net/ Frame 2D9C
Redirect Chain

https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
https://contextual.media.net/cksync.php?cs=1&ovsid=7f1bead9-895f-49e9-aee7-91218567dc39&type=loop&gdpr_consent=null&gdpr=0

45 B
466 B

258ms
257ms

Image
image/gif

23.213.140.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&ovsid=7f1bead9-895f-49e9-aee7-91218567dc39&type=loop&gdpr_consent=null&gdpr=0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Protocol

Server

23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 23 Jan 2023 01:56:54 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 23 Jan 2023 01:56:54 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=1&ovsid=7f1bead9-895f-49e9-aee7-91218567dc39&type=loop&gdpr_consent=null&gdpr=0
date: Mon, 23 Jan 2023 01:56:53 GMT
server: _
content-length: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AD30
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBpEBvYMsgvJ9lx1oat8Gmc&google_cver=1&google_push=Aa02lx_B3Nx9qwrcjdwCHBLP-oiPzb4vZ9psuG0bIAXqeOiFqLik080MXHYmVRK7W1x9adE_n3s6AjgmGwHtlBnony3XTbpU3KBk3...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzQ3Njg3MDExMjc0OTk4ODk0MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHjhJwI9vAhBx8H3DTy2UCI&google_cver=1

43 B
398 B

756ms
264ms

Image
image/gif

50.116.239.135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHjhJwI9vAhBx8H3DTy2UCI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=2068165500&pi=t.ma~as.4103433139&w=300&lmt=1674439010&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674439010721&bpp=1&bdt=3465&idt=0&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D49d499d0f3ab225f-22cf164263d900bf%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_MYTL8LI_JLLHHp3mrCYKWv2untnBg&gpic=UID%3D00000baaf93c19c3%3AT%3D1674439010%3ART%3D1674439010%3AS%3DALNI_Mbi3ReUM29FM0lKIhWoODRT4cRHig&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=5835459438035&frm=20&pv=1&ga_vid=695047994.1674439008&ga_sid=1674439010&ga_hid=898922709&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44781117%2C31071663&oid=2&pvsid=188906562703787&tmod=1144356411&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Zz4OkDFDv7&p=https%3A//www.edocr.com&dtd=43
Protocol: H2
Server: 50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 23 Jan 2023 01:56:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHjhJwI9vAhBx8H3DTy2UCI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD30
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHMTSn0O-2fG-D_nJm3HbBA&google_cver=1&google_push=Aa02lx9oQ-VLk5K85sUGBzUdTO8N4CWVJ_PTiF8LyBU2Cr4IwgSb1mb42oC2StJDBZCrN1gBT56rxigmSuoGvT4SNXyi...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHMTSn0O-2fG-D_nJm3HbBA&google_cver=1&google_push=Aa02lx9oQ-VLk5K85sUGBzUdTO8N4CWVJ_PTiF8LyBU2Cr4IwgSb1mb42oC2StJDBZCrN1gBT56rxigmSuoGvT...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9oQ-VLk5K85sUGBzUdTO8N4CWVJ_PTiF8LyBU2Cr4IwgSb1mb42oC2StJDBZCrN1gBT56rxigmSuoGvT4SNXyiZKA8EXQUqFgvLm_f0oLHAjf97Q_6_PlJv12XelCwc_...

170 B
188 B

277ms
276ms

Image
image/png

142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9oQ-VLk5K85sUGBzUdTO8N4CWVJ_PTiF8LyBU2Cr4IwgSb1mb42oC2StJDBZCrN1gBT56rxigmSuoGvT4SNXyiZKA8EXQUqFgvLm_f0oLHAjf97Q_6_PlJv12XelCwc_2v2D4lTbEmvA&google_hm=3Yd-Oa-AQwWJaKQaZBXGqA==

Requested by

Protocol

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9oQ-VLk5K85sUGBzUdTO8N4CWVJ_PTiF8LyBU2Cr4IwgSb1mb42oC2StJDBZCrN1gBT56rxigmSuoGvT4SNXyiZKA8EXQUqFgvLm_f0oLHAjf97Q_6_PlJv12XelCwc_2v2D4lTbEmvA&google_hm=3Yd-Oa-AQwWJaKQaZBXGqA==
Date: Mon, 23 Jan 2023 01:56:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD30
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMJP1tNfnK2pi7iMCZluYWs&google_cver=1&google_push=Aa02lx-NtRANudYIlIkq03pIOKCd455pwdChJdUsBxpSS2Hv6UXFyMbHhjoHHb2avokwImiXi_3fNtuNT1XIEH6aXXRHNon...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-NtRANudYIlIkq03pIOKCd455pwdChJdUsBxpSS2Hv6UXFyMbHhjoHHb2avokwImiXi_3fNtuNT1XIEH6aXXRHNonEcWlshkkFkdF5ZKZ4-zUkP0ebBcxbINz-zPVVU...

170 B
188 B

277ms
276ms

Image
image/png

142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-NtRANudYIlIkq03pIOKCd455pwdChJdUsBxpSS2Hv6UXFyMbHhjoHHb2avokwImiXi_3fNtuNT1XIEH6aXXRHNonEcWlshkkFkdF5ZKZ4-zUkP0ebBcxbINz-zPVVUL-88QH2bnVJ&google_hm=eS1MeVRVaTRKRTJwRTZQU0tHbGtyM0xaV1NrLmFRSXpVa35B

Requested by

Protocol

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 Jan 2023 01:56:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-NtRANudYIlIkq03pIOKCd455pwdChJdUsBxpSS2Hv6UXFyMbHhjoHHb2avokwImiXi_3fNtuNT1XIEH6aXXRHNonEcWlshkkFkdF5ZKZ4-zUkP0ebBcxbINz-zPVVUL-88QH2bnVJ&google_hm=eS1MeVRVaTRKRTJwRTZQU0tHbGtyM0xaV1NrLmFRSXpVa35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD30
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uPAKnHPsRJynWwn10FWZ0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

278ms
277ms

Image
image/png

142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uPAKnHPsRJynWwn10FWZ0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9cVb9HtC3Jd9hjzH6G8CqCSxl3B-Xwjb_EgYxd89KycAL6T6OLzWy-uHN0kmJAdUL2fk8awb_rfpYD0iIqEJOwqOvCTnTyWtuTRXKzDVsIR21JLBTR0FFmuD5ZvtTOtgtjclyfyoy1

Requested by

Protocol

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uPAKnHPsRJynWwn10FWZ0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9cVb9HtC3Jd9hjzH6G8CqCSxl3B-Xwjb_EgYxd89KycAL6T6OLzWy-uHN0kmJAdUL2fk8awb_rfpYD0iIqEJOwqOvCTnTyWtuTRXKzDVsIR21JLBTR0FFmuD5ZvtTOtgtjclyfyoy1
date: Mon, 23 Jan 2023 01:56:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD30
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAC6fBhunNd4m2rjafUfvaE&google_cver=1&google_push=Aa02lx8W6obvSwznTzPF_Knu7s7zD1GHVKlKyBmnzu4v6NQxAddQZerjZLzNS7BxFUo4rcgtZA4...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4NVI4MTctRy02U09F&google_push=Aa02lx8W6obvSwznTzPF_Knu7s7zD1GHVKlKyBmnzu4v6NQxAddQZerjZLzNS7BxFUo4rcgtZA4YrRP6Lc1K0CJ3-ZxAs4YTi6PFH9TM2...

170 B
188 B

276ms
276ms

Image
image/png

142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4NVI4MTctRy02U09F&google_push=Aa02lx8W6obvSwznTzPF_Knu7s7zD1GHVKlKyBmnzu4v6NQxAddQZerjZLzNS7BxFUo4rcgtZA4YrRP6Lc1K0CJ3-ZxAs4YTi6PFH9TM2B5khNqJS4v-cXpFCVj-LJcWdPiijycSRRxrO42-Cw

Requested by

Protocol

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4NVI4MTctRy02U09F&google_push=Aa02lx8W6obvSwznTzPF_Knu7s7zD1GHVKlKyBmnzu4v6NQxAddQZerjZLzNS7BxFUo4rcgtZA4YrRP6Lc1K0CJ3-ZxAs4YTi6PFH9TM2B5khNqJS4v-cXpFCVj-LJcWdPiijycSRRxrO42-Cw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
Expires: 0

GET pub
cs.chocolateplatform.com/ Frame AD30 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD30
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEM7bvrWMOEfxCTIUT5v2I-o&google_cver=1&google_push=Aa02lx--F_sqotPhLN-fzDGbHH--yFcCYDbfTtnTgLRhf0sFf3n8j3Cv5FiaFgMI...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEM7bvrWMOEfxCTIUT5v2I-o&google_cver=1&google_push=Aa02lx--F_sqotPhLN-fzDGbHH--yFcCYDbfTtnTgLRhf0sFf3n8j3Cv5FiaFgMI...
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=Aa02lx--F_sqotPhLN-fzDGbHH--yFcCYDbfTtnTgLRhf0sFf3n8j3Cv5FiaFgMIYWwegnPdQ1lHaNQjOL_KM3tRh9ZYJyNd-56lmUPS_UPWq2YC6S_awNZbillC_T...

170 B
188 B

277ms
277ms

Image
image/png

142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=Aa02lx--F_sqotPhLN-fzDGbHH--yFcCYDbfTtnTgLRhf0sFf3n8j3Cv5FiaFgMIYWwegnPdQ1lHaNQjOL_KM3tRh9ZYJyNd-56lmUPS_UPWq2YC6S_awNZbillC_TCL33_3hK6_O5-ZprMycA&google_hm=Nkk3cVRVaDQyMEc=&suid-set=1

Protocol

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:56:56 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=Aa02lx--F_sqotPhLN-fzDGbHH--yFcCYDbfTtnTgLRhf0sFf3n8j3Cv5FiaFgMIYWwegnPdQ1lHaNQjOL_KM3tRh9ZYJyNd-56lmUPS_UPWq2YC6S_awNZbillC_TCL33_3hK6_O5-ZprMycA&google_hm=Nkk3cVRVaDQyMEc=&suid-set=1
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AD30 0
50 B 274ms
274ms Image
text/html 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kk17G5Mxhu-YS6-9Pg1ccjg8osfcuxS3QKcdYN1oxY5bmCfDno4HhjvJezKTQFsy7B4uarqg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a125-56-225-45.deploy.static.akamaitechnologies.com

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:56:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 59AD 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 59AD 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 59AD 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 59AD 15 B
159 B 247ms
247ms Script
text/html 125.56.225.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5987&&&vgd_l2type=scs_newfl&fp=iqfz-5ChLfNJ3PKwIQCxzZdn59TmR6FBuYDOaZkWw_aCpWoBDQnbnd--y54D0_oW8RDcz3BCjXDFLaIvXAH6PAz7yK72EoqgGsBK7pIYdSS-hXimDW7uZNLySLejIA5M&cme=L2Y3tudRA1JoyE84FRv6V08yy54_WOfpIEJjywDHnlWj4zj86f1EH6RWZHq-9kKvXbDqBbSahGGRJ4gGrC1-b7aOtOR363L9tKu0Kk6v3FhwsfKtUp6K9vKKZw06OXoZTR2of2bEOy34ngEbEkCRiuNSw3fcLHm_BQjR433S2zD8UYm6lXiIuOPyivPcsFzPLapCQEoT1qXit91h95d48wshnzGZkPYx%7C%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ce4umlsIcimV2dOuPw88-2MEZRrrHaPgfQB5JK-tpOcZHdEL1LZhku6OEAq83uQQ6wkBHB-X-3Pr3MjojsANDdxDFE7XlFsRZuHWVhP1UuGzScTbtAjOp7aZafxk1NA6W%7CYneT2kY-0RcBUFHyoJZGzTcsp8TMNFsNYVFYBbjnitZz930ZekYYxznwSx6C_ZpcETntGfxRrqBer9_9YyZOPzCc1rrJ12Yuhcn4tYcHqPPnbHOLBxUZA1gJiDsNsBJ-HvwqgtQnzws9D5yLYAs0JbluvOzIdXuWndUc07MzqTy57kSjjlEGIuuVDywfoz8R3KTJPTEdKXb7ufrb0VhH0XxWhJmPTJEU9z9yUzljloTM7Jb25ENaVCz3qYRdJZif%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CJP1ouW2o_8ClpnCa3I7g21lZjI8-DfCb%7C&subBdr=99&bdrid=319&ksu=224&fdkt=240&vgde_kbbh=ffoyxQJuO&kwd[]=Cheap+Online+Advertising&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=1&kid[]=5673642&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.20%7C10%3D2.96%7C60%3D1.30%7C63%3D0.04%7C66%3D0.72%7C12%3D0.65%7C1%3D1.01%7C2%3D2.04%7Cps%3D0.539&ktd[]=274911854848&ktrkt[]=Cheap+Online+Advertising&kwd[]=Advertising+on+The+Web&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=2&kid[]=1046260&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.24%7C10%3D2.96%7C60%3D2.09%7C63%3D0.04%7C66%3D0.63%7C12%3D0.42%7C1%3D1.39%7C2%3D6.55%7Cps%3D0.539&ktd[]=274911854848&ktrkt[]=Advertising+on+The+Web&kwd[]=Local+Classified+Ads&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=3&kid[]=17744755&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.20%7C10%3D2.96%7C60%3D1.30%7C63%3D0.04%7C66%3D0.72%7C12%3D0.65%7C1%3D1.25%7C2%3D3.20%7Cps%3D0.539%7C3%3D0.03%7C4%3D1.00&ktd[]=274911854848&ktrkt[]=Local+Classified+Ads&kwd[]=Small+Business+Marketing&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=4&kid[]=26316523&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.24%7C10%3D2.96%7C60%3D1.19%7C63%3D0.04%7C66%3D0.63%7C12%3D0.26%7C1%3D1.03%7C2%3D7.37%7Cps%3D0.539%7C3%3D0.13%7C4%3D1.00&ktd[]=274911854848&ktrkt[]=Small+Business+Marketing&kwd[]=Business+Marketing+Tips&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=5&kid[]=4597783&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.24%7C10%3D2.96%7C60%3D1.19%7C63%3D0.04%7C66%3D0.63%7C12%3D0.26%7C1%3D0.81%7C2%3D4.82%7Cps%3D0.539%7C3%3D0.00%7C4%3D1.00&ktd[]=274911854848&ktrkt[]=Business+Marketing+Tips&v=1&geo=-36.85%7C174.77&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=NZ&wsip=170774754&bca=0&ugd=4&vgde_setid=Nff&cid=8CUABW64L&vi=1674439011302431873&vsid=3174406127444805&tdAdd[]=asnum%3D137409&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_implt=3&vgd_cage=4&vgd_l3_sc=AUK&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=427170385&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=79568&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=auckland&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1674439011163342462&tsrc=entity&sttm=1674439012558&upk=1674439013.8726&hvsid=00001674439012558019520744488171&verid=3111299&sbdrId=99&vgd_ecrid=1700080807683300300025000039600&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POHZR87R&&abpl=2&&kbbq=%26asn%3D137409&&vgd_vstrid=3174406127444805&vgde_bdata=~G-MjJzvuHiF~GwEv9~G8Ov9.fF9~G-M1yjf1Mjv9~G-M1QzvuAhH9i~G-MNQv9~G-MONjv9.99u~G-MJEjvu~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MjeYEv99999999999999999999999999999999999999999999999999~G-MLJkMxLjv%40TwlFyLKuBYS~G-MLwvHhr4gEdWqR~G-MLENv99999uu~G-MQ8lJvA99-fX9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vKP%3DCTKIr~NUMkjvf~ONvyNEo1E1NoQJuoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvWX~OYYMOuiv9999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9H~OYYMOfHvX~OYYMOfXvOJkMzJBMY7~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOAivdQmzSG8OSyJ7aL7GDJQEmzQJ~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Hu~OYYMYuv9.fFH~OYYMYu9vu.999~OYYMYuuv9.iff~OYYMYufv9.FhF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9uH~OYYMYuFv9.FHh~OYYMYuhvu.999~OYYMYfv9.9F9~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAAv9.9AA~OYYMYAHvu.999~OYYMYAivfFi.999~OYYMYH9vfFi.999~OYYMYHAv9.HHX~OYYMYHHvu.99H~OYYMYHXvAF.999~OYYMYHFvFuAi.999~OYYMYHhvuAA.999~OYYMYHWvf99Wu.999~OYYMYXvu.9Xu~OYYMYXfv9.iA9~OYYMYFv9.WFf~OYYMYhv9.hHh~OYYMYivu.999~OYYMLv9.FHh~JMLEYv9.fFH~JLEYv9.fFH~wNv9n%2Bn9~8w1v9~875EJvKrt~LM8EvuuF.i9.hH.9~LMQNvI2oKPC~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7MfMJ-E1zO~QyY7vJYE75~Q7Ov1QB8k7MfMJ-E1zO~eGLv9~e8Q8G8j875vu~QxEEj5M71yM8Ov~e8JB1G8j875v9.iA~1YEvu~NGOEv9.uuH~OYYvw1LYmz5~Qx8Ov%3DK4b4Z72h0F0Dm1W1K6UcZbuB79~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoFiAAHFuiH9FfhFHu~O1jyvxz8Qmzuf~w7Yjvu~1OGjUvH9fi9HfAf~QmGEv~N7LvA.AfAFAiH4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.fF9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MfMJ-E1zO~OJ7JN7JOM71yM8Ov1QB8k7MfMJ-E1zO~ONx7vXX~OmyGv9ou~8GNvu~&vgd_bhv_kbb=-1&vgd_cfud=220926&vgd_scsver=385&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&&vgd_uspa=0&vgd_l1rhst=contextual.media.net&hvsid=00001674439012558019520744488171&rc=0&rand=1674439013402&acid=1d2c0ecf0d5a408aaf54bc1f9febc520&matm=1674439013402&requrl=https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m&vgd_ltimesrc=1&vgd_ltime=2075&vgd_rtime=2070&vgd_etm=18&vgd_l1hcsd=A31%7C522&vgd_l1ch=1&vgd_lhl=3614&vgd_pgid=p087761068t202301230156&vgd_adprefflag=11&vgd_csip=rtb-common-istio-78b794d67c-6hpsc.SG&vgd_sbSup=1&vgd_nrrs=79568&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/857bqmz0/annabalkerrin/mojang-bans-brands-from-building-minecraft-promo-m

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

125.56.225.45 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Mon, 23 Jan 2023 01:56:53 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=30177
content-length: 15

GET
H2 200 log
hblg.media.net/ Frame ABBE 35 B
200 B 240ms
240ms Image
image/gif 125.56.225.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?log=kfk&evtid=adplog&&lper=1&itypeid=17&itype=ADX&cc=NZ&cid=8CU3SX34C&reqid=0eSuqlDPi_2ors0uxzIy5w&vid=0eSuqlDPi_2ors0uxzIy5w&dn=edocr.com&rawDn=edocr.com&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NZ-AUK&ct=Auckland&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-78b794d67c-6hpsc.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=137409&sckfl=1&suid=CAESEGtZ7P6PRoa8aAJkMGS1wt0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvdde_Y9qfX5iZAyxkyGioQ7dyM1y6hOn9n3k7tDddx_CsiSh8biqE4rdO7PCDpi34X3Mq&pexid=ADX-pub-6933461940627641&geoll=false&is_ortb=false&s_ip=74.125.190.29&s_city=singapore&commit_id=97440901&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-01-20+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=NZ&ipcc=NZ&rtttime=22&pvid=319&prvAccId=866743147&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=427170385&prspt=headerBid&prvReqId=9457100050250_265197581_42717038513191&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.260&cbdp=0.114&og_cbdp=0.260&ogbdp=0.26&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online%2F&dfpBd=0.114&dt=O&dbf=1&epc=866743147&s=1&snm=SUCCESS&pcrid=8CUABW64L-866743147-4-12&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=93&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=319&brsrclk=0&bidrestime=1674439011011&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300300025000039600&strg=HARMONY&stagid=aswift_2_expand&vls=0&scrid=1700080807683300300025000039600&mang=1&pvdTmax=251&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&apTags%3C%3E=75&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUABW64L&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=300x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_UCC=1&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=0ba9489b10&acid=1d2c0ecf0d5a408aaf54bc1f9febc520&rtime=7.0&wsip=mowx-istio-556f588569-2f8m5&ltime=14.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=402904232&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=1d2c0ecf0d5a408aaf54bc1f9febc520_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=3.3236394E-4&ctr_vendor=EXCHANGE&rfc=-1&dfpDiv=aswift_2_expand&feedback_id=0eSuqlDPi_2ors0uxzIy5w&supplyTagId=402904232&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=14&debug_ts=2023-01-23+01%3A56%3A51&__expireat=1674439611265&mview=1&rme=adm&bdata=~bx_len%3D1496~bhp%3D0~bid%3D0.260~bx_agl2a_l%3D0~bx_asn%3D137409~bx_cs%3D0~bx_dcl%3D0.001~bx_epl%3D1~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_l2as%3D0~bx_lvmp%3D00000000000000000000000000000000000000000000000000~bx_ref_url%3D%40Lhz6grA1wm%2F~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000011~bx_size%3D300x250~bx_t_enabled%3D0~bx_t_exp%3D0~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DAUCKLAND~ck_fl%3D2~dc%3Dgcp-apac-se1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D0000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.04~dmm_d24%3D5~dmm_d25%3Ddef_new_mt~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d39%3Djson%2Fbid%2FgetOrtbResponse~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_l%3D0.041~dmm_m1%3D0.264~dmm_m10%3D1.000~dmm_m11%3D0.922~dmm_m12%3D0.676~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.014~dmm_m16%3D0.647~dmm_m17%3D1.000~dmm_m2%3D0.060~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.033~dmm_m34%3D1.000~dmm_m39%3D269.000~dmm_m40%3D269.000~dmm_m43%3D0.445~dmm_m44%3D1.004~dmm_m45%3D36.000~dmm_m46%3D6139.000~dmm_m47%3D133.000~dmm_m48%3D20081.000~dmm_m5%3D1.051~dmm_m52%3D0.930~dmm_m6%3D0.862~dmm_m7%3D0.747~dmm_m9%3D1.000~dmm_r%3D0.647~e_rpm%3D0.264~erpm%3D0.264~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_ip%3D116.90.74.0~r_sc%3DNZ-AUK~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3Daswift_2_expand~sgmt%3Dempty~std%3Daswift_2_expand~vbr%3D0~visibility%3D1~supply_tag_id%3D%7Eviewability%3D0.93%7Eamp%3D1%7Ecbdp%3D0.114%7Edmm%3Dharmony%7Esuid%3DCAESEGtZ7P6PRoa8aAJkMGS1wt0%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-6933461940627641%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D402904232%7Esobp%3D%7Ectr%3D3.3236394E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.260%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_2_expand%7Edetected_tag_id%3Daswift_2_expand%7Edcut%3D55%7Edogb%3D0-1~ibc%3D1~&utime=1553&sf=0&cpr=0.2271058207531771&evttyp=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

125.56.225.45 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a125-56-225-45.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:53 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 23 Jan 2023 01:56:53 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame ABBE 15 B
15 B 241ms
241ms Image
text/html 125.56.225.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=3827&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=427170385&vgd_l2type=scs_newfl&pid=8POHZR87R&katen=1&katbid=-103&cme=L2Y3tudRA1JoyE84FRv6V08yy54_WOfpIEJjywDHnlWj4zj86f1EH6RWZHq-9kKvXbDqBbSahGGRJ4gGrC1-b7aOtOR363L9tKu0Kk6v3FhwsfKtUp6K9vKKZw06OXoZTR2of2bEOy34ngEbEkCRiuNSw3fcLHm_BQjR433S2zD8UYm6lXiIuOPyivPcsFzPLapCQEoT1qXit91h95d48wshnzGZkPYx||dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|e4umlsIcimV2dOuPw88-2MEZRrrHaPgfQB5JK-tpOcZHdEL1LZhku6OEAq83uQQ6wkBHB-X-3Pr3MjojsANDdxDFE7XlFsRZuHWVhP1UuGzScTbtAjOp7aZafxk1NA6W|YneT2kY-0RcBUFHyoJZGzTcsp8TMNFsNYVFYBbjnitZz930ZekYYxznwSx6C_ZpcETntGfxRrqBer9_9YyZOPzCc1rrJ12Yuhcn4tYcHqPPnbHOLBxUZA1gJiDsNsBJ-HvwqgtQnzws9D5yLYAs0JbluvOzIdXuWndUc07MzqTy57kSjjlEGIuuVDywfoz8R3KTJPTEdKXb7ufrb0VhH0XxWhJmPTJEU9z9yUzljloTM7Jb25ENaVCz3qYRdJZif|u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|JP1ouW2o_8ClpnCa3I7g21lZjI8-DfCb|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=866743147&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F857bqmz0%2Fannabalkerrin%2Fmojang-bans-brands-from-building-minecraft-promo-m&vi=1674439011302431873&ugd=4&cc=NZ&bdrid=319&subBdr=99&startTime=1674439012551&vgd_l1rakh=1674439011163342462&l1ch=1&tsrc=entity&sttm=1674439012558&upk=1674439013.8726&hvsid=00001674439012558019520744488171&acid=1d2c0ecf0d5a408aaf54bc1f9febc520&verid=3111299&vgd_bdata=~bx_len%3D1496~bhp%3D0~bid%3D0.260~bx_agl2a_l%3D0~bx_asn%3D137409~bx_cs%3D0~bx_dcl%3D0.001~bx_epl%3D1~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_l2as%3D0~bx_lvmp%3D00000000000000000000000000000000000000000000000000~bx_ref_url%3D%40Lhz6grA1wm%2F~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000011~bx_size%3D300x250~bx_t_enabled%3D0~bx_t_exp%3D0~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DAUCKLAND~ck_fl%3D2~dc%3Dgcp-apac-se1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D0000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.04~dmm_d24%3D5~dmm_d25%3Ddef_new_mt~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d39%3Djson%2Fbid%2FgetOrtbResponse~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_l%3D0.041~dmm_m1%3D0.264~dmm_m10%3D1.000~dmm_m11%3D0.922~dmm_m12%3D0.676~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.014~dmm_m16%3D0.647~dmm_m17%3D1.000~dmm_m2%3D0.060~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.033~dmm_m34%3D1.000~dmm_m39%3D269.000~dmm_m40%3D269.000~dmm_m43%3D0.445~dmm_m44%3D1.004~dmm_m45%3D36.000~dmm_m46%3D6139.000~dmm_m47%3D133.000~dmm_m48%3D20081.000~dmm_m5%3D1.051~dmm_m52%3D0.930~dmm_m6%3D0.862~dmm_m7%3D0.747~dmm_m9%3D1.000~dmm_r%3D0.647~e_rpm%3D0.264~erpm%3D0.264~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_ip%3D116.90.74.0~r_sc%3DNZ-AUK~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3Daswift_2_expand~sgmt%3Dempty~std%3Daswift_2_expand~vbr%3D0~visibility%3D1~supply_tag_id%3D%7Eviewability%3D0.93%7Eamp%3D1%7Ecbdp%3D0.114%7Edmm%3Dharmony%7Esuid%3DCAESEGtZ7P6PRoa8aAJkMGS1wt0%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-6933461940627641%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D402904232%7Esobp%3D%7Ectr%3D3.3236394E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.260%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_2_expand%7Edetected_tag_id%3Daswift_2_expand%7Edcut%3D55%7Edogb%3D0-1~ibc%3D1~&infr=1&twna=1&stime=1674439011351&vgd_ecrid=1700080807683300300025000039600&l1hcsd=l1!A31|522&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p087761068t202301230156&vgd_pgids=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

125.56.225.45 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a125-56-225-45.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Mon, 23 Jan 2023 01:56:54 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=78587
content-length: 15

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 280ms
279ms XHR
application/json 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8dcea5bfa07777da930857cf8454f5b89630c783ce3b61bc2e1a6b4022e062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12366
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ABBE 42 B
174 B 274ms
273ms Fetch
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhEzpStazN-GXdPzNSJzkS2fVt7CSKlOFoBSSTAigyttnkFaGFJiL0kP-ZoqxjBaw9Y4smBdIUjn4cIhY8piU_7W9d&sig=Cg0ArKJSzLlvGmZiIyNyEAE&cid=CAASFeRo09xPogkudkPxPqRUp1zO_bx_8w&id=lidar2&mcvt=1000&p=0,0,254,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=402904232&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674439010765&rpt=3036&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1156ms
1155ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 01:56:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D325 13 KB
5 KB 275ms
273ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
age: 129962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 13:50:54 GMT
expires: Sun, 21 Jan 2024 13:50:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 17B9 783 B
1002 B 275ms
274ms Document
text/html 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

GSE /

Resource Hash

38585a9e5d0bd2d53c2cc1c19e51480fb611ffd87eea5e7fabccdc62187132e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-84zKmk4SuhEPeSoMJNk4Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-84zKmk4SuhEPeSoMJNk4Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:56:56 GMT
expires: Mon, 23 Jan 2023 01:56:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 17B9 0
0 273ms
273ms Image
text/html 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=188906562703787&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame D325 36 KB
16 KB 273ms
273ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS