www.edocr.com Open in urlscan Pro
23.22.36.110 Public Scan

Software

/ Express

Resource Hash

435d54be79181c486c58f9f0cf7b0afa18470b364f58ea30abbdc3209d026efe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Connection: keep-alive
Content-Security-Policy: frame-ancestors 'none'
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
build-number: 3023
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 19 Jan 2023 10:29:35 GMT
etag: W/"13de-cm6xnzD2yAc8r6qHh08aJmpu5RQ"
strict-transport-security: max-age=31536000; includeSubDomains; preload
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 146
Content-Security-Policy: frame-ancestors 'none'
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
build-number: 3023
content-type: text/html; charset=utf-8
date: Thu, 19 Jan 2023 10:29:34 GMT
location: /v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
x-powered-by: Express

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 836ms
288ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6933461940627641

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

836d9d28112faf865b00c2ffe6ef7248a7503edcee7e9d54e00c131f011a38ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Origin: https://www.edocr.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:29:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49514
x-xss-protection: 0
server: cafe
etag: 4042150458608498124
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 10:29:35 GMT

GET
H/1.1 200
OK main.00f291007fc7948c83c0.css
www.edocr.com/v/static/ 2 KB
2 KB 357ms
356ms Stylesheet
text/css 23.22.36.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/v/static/main.00f291007fc7948c83c0.css

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.22.36.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

/ Express

Resource Hash

65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
content-encoding: gzip
X-Content-Type-Options: nosniff
date: Thu, 19 Jan 2023 10:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: Express
transfer-encoding: chunked
Connection: keep-alive
Referrer-Policy: origin-when-cross-origin
last-modified: Wed, 11 Jan 2023 18:41:17 GMT
etag: W/"814-185a222f0c8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
build-number: 3023

GET
H/1.1 200
OK bundle.js Show response
www.edocr.com/v/static/ 5 MB
1 MB 720ms
720ms Script
application/javascript 23.22.36.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/v/static/bundle.js

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.22.36.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

/ Express

Resource Hash

1deba4e06535548af4406e6a31869999f469ac0370d9519371c7b3c3719ba8b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
content-encoding: gzip
X-Content-Type-Options: nosniff
date: Thu, 19 Jan 2023 10:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: Express
transfer-encoding: chunked
Connection: keep-alive
Referrer-Policy: origin-when-cross-origin
last-modified: Wed, 11 Jan 2023 19:50:53 GMT
etag: W/"5652f1-185a262acaf"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
build-number: 3023

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 521ms
142ms Script
text/javascript 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Jan 2023 09:15:25 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4450
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Thu, 19 Jan 2023 11:15:25 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 238ms
237ms XHR
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=210294767&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&ul=en-us&de=UTF-8&dt=It%20was%202022%2C%20at%20the%20Time%20%7C%20edocr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=408955694&gjid=503609622&cid=1947020207.1674124176&tid=UA-160144-46&_gid=268211194.1674124176&_r=1&_slc=1&z=749312272

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edocr.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edocr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/ 358 KB
118 KB 860ms
312ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6933461940627641

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14bef40958ca9b98d93fa718fcd021565805f6f6e41ffdf919866d387b3387be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:29:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120417
x-xss-protection: 0
server: cafe
etag: 2525554179294800679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 10:29:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/ Frame BC2E 10 KB
5 KB 823ms
274ms Document
text/html 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6933461940627641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 41783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:53:14 GMT
etag: 10353107486223812946
expires: Wed, 01 Feb 2023 22:53:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 8qrxzgrd Show response
www.edocr.com/api-user/viewingSession/ 2 KB
2 KB 528ms
528ms XHR
application/json 23.22.36.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/api-user/viewingSession/8qrxzgrd?isEmbed=undefined

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.22.36.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a54247134b43242713e017c8bfc3191b6b229d4a087dc2e22f306a0661fe2e3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
content-encoding: gzip
Referrer-Policy: origin-when-cross-origin
date: Thu, 19 Jan 2023 10:29:38 GMT
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"8df-jD9BX/zI+pqeG3VYQQYkGFULigI"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
Connection: keep-alive
build-number: 3023

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
693 B 825ms
276ms Script
text/javascript 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.edocr.com&callback=_gfp_s_&client=ca-pub-6933461940627641

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

bbbec502fac7770d4eacef4898336811190d4aa472380ab6915582f92d753243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.nz/adsid/ 107 B
792 B 822ms
275ms Script
application/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.nz/adsid/integrator.js?domain=www.edocr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 825ms
276ms Script
application/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edocr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 274ms
274ms Image
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 274ms
274ms Image
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&tn=HEADER&cls=MuiPaper-root%20MuiAppBar-root%20MuiAppBar-positionFixed%20MuiAppBar-colorPrimary%20jss2%20mui-fixed%20MuiPaper-elevation4&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB57 0
188 B 388ms
387ms Document
text/html 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1674124178&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674124176422&bpp=3&bdt=1245&idt=1860&shv=r20230117&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3399320060279&frm=20&pv=2&ga_vid=1947020207.1674124176&ga_sid=1674124178&ga_hid=210294767&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071259%2C31071641%2C44779793&oid=2&pvsid=1530274202853281&tmod=913298073&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1881

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 10:29:38 GMT
expires: Thu, 19 Jan 2023 10:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A88D 436 B
405 B 479ms
478ms Document
text/html 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=8628223775&adk=2306401753&adf=101418385&pi=t.ma~as.8628223775&w=350&lmt=1674124178&format=350x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674124178655&bpp=3&bdt=3479&idt=-M&shv=r20230117&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3399320060279&frm=20&pv=1&ga_vid=1947020207.1674124176&ga_sid=1674124178&ga_hid=210294767&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-975&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071259%2C31071641%2C44779793&oid=2&pvsid=1530274202853281&tmod=913298073&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PSjK6DOHJx&p=https%3A//www.edocr.com&dtd=28

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4919a465b453bbdb6722404c9ff854b4c05be327b0bb8933165c6929f8db1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 10:29:39 GMT
expires: Thu, 19 Jan 2023 10:29:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF21 436 B
379 B 483ms
482ms Document
text/html 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=725549100&pi=t.ma~as.3952982610&w=120&lmt=1674124178&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674124178655&bpp=1&bdt=3479&idt=-M&shv=r20230117&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x250&nras=1&correlator=3399320060279&frm=20&pv=1&ga_vid=1947020207.1674124176&ga_sid=1674124178&ga_hid=210294767&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071259%2C31071641%2C44779793&oid=2&pvsid=1530274202853281&tmod=913298073&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Hh0gjZNx1m&p=https%3A//www.edocr.com&dtd=34

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

967ae34985804f7c8d2a2ee3dbd83ad3989347398e2db2a2547955eacabe5a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 10:29:39 GMT
expires: Thu, 19 Jan 2023 10:29:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C0A 34 KB
15 KB 585ms
583ms Document
text/html 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=1415591335&pi=t.ma~as.4103433139&w=300&lmt=1674124178&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674124178655&bpp=1&bdt=3479&idt=0&shv=r20230117&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=3399320060279&frm=20&pv=1&ga_vid=1947020207.1674124176&ga_sid=1674124178&ga_hid=210294767&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071259%2C31071641%2C44779793&oid=2&pvsid=1530274202853281&tmod=913298073&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ECS289zLrt&p=https%3A//www.edocr.com&dtd=38

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c88f6ab6dff0303cc5da1c53e004f43bb16d806707c7165019e14cbd55863ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 15124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 10:29:39 GMT
expires: Thu, 19 Jan 2023 10:29:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK restrictions Show response
www.edocr.com/pas/v2/ViewingSessions/oudKS0JPSlr59g8I3Xr8-aoHOhegvUlNoygE6muc96qJb3lZKKVJSSSDHRrJFt2XrHjaGNF6QzHetmhc2olphE3bI6PMhy8ZMgrCGgo05dv-WlsFOC9AEnM6YyqqiX8va7J9tHIJOp-PMVNZVSHaj2Goa6uY3eHv... 226 B
848 B 402ms
402ms XHR
application/json 23.22.36.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/pas/v2/ViewingSessions/oudKS0JPSlr59g8I3Xr8-aoHOhegvUlNoygE6muc96qJb3lZKKVJSSSDHRrJFt2XrHjaGNF6QzHetmhc2olphE3bI6PMhy8ZMgrCGgo05dv-WlsFOC9AEnM6YyqqiX8va7J9tHIJOp-PMVNZVSHaj2Goa6uY3eHvMkwgIlXbUi8/restrictions

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.22.36.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accusoft-Gid: oMr7GK7oaIzcl0v8FFPkZg
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accusoft-Parent-Name: ViewerControl
Referer: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time
Accusoft-Parent-Pid: 0
Accusoft-Parent-Taskid: 0

Response headers

Content-Security-Policy: frame-ancestors 'none'
date: Thu, 19 Jan 2023 10:29:38 GMT
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
Connection: keep-alive
Content-Length: 226
pragma: no-cache
Referrer-Policy: origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *
build-number: 3023
expires: -1

GET
H/1.1 200
OK clientFile Show response
www.edocr.com/pas/v2/viewingSessions/oudKS0JPSlr59g8I3Xr8-aoHOhegvUlNoygE6muc96qJb3lZKKVJSSSDHRrJFt2XrHjaGNF6QzHetmhc2olphE3bI6PMhy8ZMgrCGgo05dv-WlsFOC9AEnM6YyqqiX8va7J9tHIJOp-PMVNZVSHaj2Goa6uY3eHv... 3 KB
4 KB 396ms
396ms XHR
application/pdf 23.22.36.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edocr.com/pas/v2/viewingSessions/oudKS0JPSlr59g8I3Xr8-aoHOhegvUlNoygE6muc96qJb3lZKKVJSSSDHRrJFt2XrHjaGNF6QzHetmhc2olphE3bI6PMhy8ZMgrCGgo05dv-WlsFOC9AEnM6YyqqiX8va7J9tHIJOp-PMVNZVSHaj2Goa6uY3eHvMkwgIlXbUi8/clientFile?accept=pdf

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.22.36.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

23675e5582543a9821e91909c063bcfb4d16f4e2ec5aee42ca54417d4c209a4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accusoft-Parent-Name: ViewerControl
Referer: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time
Accusoft-Gid: DNEPGeaBzxQAvWBp8vm2tQ
Accusoft-Parent-Pid: 0
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid: 0

Response headers

Content-Security-Policy: frame-ancestors 'none'
date: Thu, 19 Jan 2023 10:29:38 GMT
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
transfer-encoding: chunked
Connection: keep-alive
Referrer-Policy: origin-when-cross-origin
server: nginx
access-control-allow-methods: GET
content-type: application/pdf
access-control-allow-origin: *
cache-control: public, max-age=18000
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *
build-number: 3023

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241

Request headers

Referer
Origin: https://www.edocr.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
BLOB 200
OK c4f072b9-362f-470f-b266-7ea9b53234e9
https://www.edocr.com/ 1 MB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.edocr.com/c4f072b9-362f-470f-b266-7ea9b53234e9
Requested by: Host: www.edocr.com
URL: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 382bc641ce5c628902c7b373806537d7b93fa7fff3ae5774e3ed9241ceb614cc

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1408036
Content-Type

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0C0A 0
0 285ms
285ms Fetch
text/html 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C77N_khvJY_-8NNnmgQPzqr-QCazX_fBktPaok-ILwI23ARABIABgq-yxheAYggEXY2EtcHViLTY5MzM0NjE5NDA2Mjc2NDHIAQmoAwGqBNkBT9AEB9BY9QWOvdN6CsclehjxSTjrrVFUoMWKVwtxEzV7AeQXVcGvrSnarwuTfqyzVKcEPJ4kPfWcY8vICyTnu-CeARp4Y2RDdBOHkDMtWelL4EU-PR3LJsdi0HZ26YY7hhRW1KERO2lzMMQmRjdJNQoeU1SXyz0_exZLVmbpgJ-pZOVMmNqyg8UhoJGkm2bcFPQzeU2YLhfLM4nBERPhu3j4-SfYgCm6aOqVEI_SOPNUTCNnzxppu2dpi2XzxinLywqBNRXaheJyLZiQoOlqOFfLcM6bTZjUYIAG2uKxnsqS9rs0oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjkzMzQ2MTk0MDYyNzY0MRgA&sigh=NYVC1Dqfw8M&uach_m=[UACH]&cid=CAQSKQDq26N9pzenbHIkhER5QrBBRD-tpHHs3iaGZTrVZ43VUbSMOJb6KrHFGAEgEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=1415591335&pi=t.ma~as.4103433139&w=300&lmt=1674124178&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674124178655&bpp=1&bdt=3479&idt=0&shv=r20230117&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=3399320060279&frm=20&pv=1&ga_vid=1947020207.1674124176&ga_sid=1674124178&ga_hid=210294767&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071259%2C31071641%2C44779793&oid=2&pvsid=1530274202853281&tmod=913298073&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ECS289zLrt&p=https%3A//www.edocr.com&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=1415591335&pi=t.ma~as.4103433139&w=300&lmt=1674124178&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674124178655&bpp=1&bdt=3479&idt=0&shv=r20230117&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=3399320060279&frm=20&pv=1&ga_vid=1947020207.1674124176&ga_sid=1674124178&ga_hid=210294767&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071259%2C31071641%2C44779793&oid=2&pvsid=1530274202853281&tmod=913298073&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ECS289zLrt&p=https%3A//www.edocr.com&dtd=38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 10:29:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 0C0A 35 B
0 772ms
241ms Fetch
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=e26f2799e13048d9be6136f1d8038df0&bidrestime=1674124179027&cbdp=0.040&ogbdp=0.09&prvReqId=32976449169993_878644125_427170385191&pvid=9&scrid=1700080807683300300025000039600&size=300x250&slotVisibility=1&viewability=94&app=0&cc=NZ&cid=8CU3SX34C&csip=rtb-common-istio-6b4dc8b6d9-wm5lm.SG&device_id=4&dn=edocr.com&itype=ADX&mang=1&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&dtc=apac_sg&zone=b&commit_id=31198a14&ugd=4&ctr=4.742708E-4&rme=nurl

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:39 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 19 Jan 2023 10:29:39 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 0C0A 35 B
0 1273ms
418ms Fetch
image/gif 42.99.140.144
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=aswift_2_expand&other_prv=9&jar_err=&current_day=4.0&adtyp=0&req_id=PefjQBQXgBdZSFvmsiVYEA&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=59.6682&exp=&deal_id=&fdbk_id=&second_bidder=*&search_res=56&floor_bucket=0.00&gpid_format=&seat=&rc=-1&size=300x250&url_l1=v&f_seg=&url_l2=8qrxzgrd&prdp=0.0396&ogcbdp=0.0900&dfpbd=0.0396&server=1&ogerpm_wd_bkt=0-1&model_version=202301190625_generic_adx_2-cid_2&viewability=0.9400&dmm_r=0.2220&cut=56&dmm_l=0.0400&as_cache=1&tcyerpm=&sc=NZ-AUK&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time%2F&bidrestime=1674124179027&cc=NZ&strg=harmony&ss=&current_hour=10&time_stamp=2023-01-19+10%3A29%3A39&model_key=generic_adx_2-cid_2&rvshhon=&mul_ratio=0.0000&bdp=0.0900&ct=Auckland&akey=&mnckfl=0&asn=137409&bdp_bucket=0.10&algo=unison12&dc=apac_sg&splid=&dim4=exploration&erpm_mult=1.000000&dn=edocr.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=e26f2799e13048d9be6136f1d8038df0&zone=b&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.8700&bdmm_m7=0.7140&bdmm_m5=1.0240&ver=9.1.3&totalTimeBucket=3&visibility=1&totalTime=3096040&dmm_m1=2023-01-19+10%3A29%3A39.029356104&e_rpm=0.0880&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.6360&cid=8CU3SX34C&bcrid=1700080807683300300025000039600&rawbid=0.0900&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-istio-6b4dc8b6d9-wm5lm.SG&dfp_bucket=0.0&adblk=402904232&itype=adx&pvid_seat=9&cliIP=1952074240&advurl=topics.businessfocus.online%2F&level_base=0&crid=427170385&sat=1&br_id=265&cut_bkt=55&gpid=&iwb=1&dmm_d22=0.03&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.09
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=1415591335&pi=t.ma~as.4103433139&w=300&lmt=1674124178&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674124178655&bpp=1&bdt=3479&idt=0&shv=r20230117&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=3399320060279&frm=20&pv=1&ga_vid=1947020207.1674124176&ga_sid=1674124178&ga_hid=210294767&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071259%2C31071641%2C44779793&oid=2&pvsid=1530274202853281&tmod=913298073&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ECS289zLrt&p=https%3A//www.edocr.com&dtd=38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-144.pacnet.net
Software: /
Resource Hash

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 10:29:40 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 19 Jan 2023 10:29:40 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 0C0A 165 KB
57 KB 761ms
273ms Script
text/javascript 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

b564edfe3c2a4e3d8806e68141242897d1623b47215846bb335218cf7163601d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h: 8-33
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 19 Jan 2023 10:29:40 GMT
server: Apache
etag: "24440668f7da2bdc866b399649696f84"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-8
timing-allow-origin: *
expires: Thu, 19 Jan 2023 10:34:40 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 0C0A 61 KB
62 KB 916ms
243ms Script
application/javascript 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Thu, 19 Jan 2023 10:29:40 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=58555
access-control-allow-credentials: true
content-length: 62892
expires: Fri, 20 Jan 2023 02:45:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 0C0A 3 KB
1 KB 277ms
276ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 15:54:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 0C0A 18 KB
8 KB 821ms
273ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 20:30:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 20:30:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0C0A 0
0 864ms
315ms Image
text/html 74.125.68.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-ICzckzhpLH7fkYnjwTbQ4Y9lcsqmWftU5meEUiYBcyV7w0awtY1Nd3aFn3TKNRWeazmuTgBzSg57R-juVQbDoAszzQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=1415591335&pi=t.ma~as.4103433139&w=300&lmt=1674124178&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674124178655&bpp=1&bdt=3479&idt=0&shv=r20230117&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x250%2C120x600&nras=1&correlator=3399320060279&frm=20&pv=1&ga_vid=1947020207.1674124176&ga_sid=1674124178&ga_hid=210294767&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071259%2C31071641%2C44779793&oid=2&pvsid=1530274202853281&tmod=913298073&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ECS289zLrt&p=https%3A//www.edocr.com&dtd=38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C0A 157 KB
49 KB 1943ms
1388ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 10:29:42 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 0C0A 82 KB
30 KB 696ms
695ms Script
text/javascript 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=866743147&size=300x250&cc=NZ&chnm=HARMONY&pid=8POHZR87R&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&nse=5&vi=1674124180218102467&lw=1&ugd=4&adt1=8CU3SX34C&adt2=427170385&itid=17&bae=B4xNBgNxxa&bcpf=B4xNBgN8fOnRrolnfOur8xxa&bdrId=9&ntv=0&sff=0&katpre=1&katbid=-103&pgid=p02125601074t202301191029&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR-tzTzq2cANvQ%3D%3D

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

da000ddf7bd2d7a0d57fcf3ff68830983c192fd7bff53c7afe33b0ed36ca8e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-6zfl
timing-allow-origin: *
content-length: 30167
expires: Thu, 19 Jan 2023 10:29:41 GMT

GET
H2 200 bping.php
lg3.media.net/ Frame 0C0A 15 B
15 B 248ms
243ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=592&&vgd_cdv=852&vgd_cage=0&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=866743147&vi=1674124180218102467&ugd=4&lf=6&cc=NZ&lper=100&wsip=2886781036&r=1674124180608&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=137409&vgd_rakh=1674124179193670291&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=427170385&vgd_pgid=p02125601074t202301191029&vgd_pgids=1&vgd_uspa=0&hvsid=00001674124180605019520744367492&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Thu, 19 Jan 2023 10:29:40 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=58555
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 3DCE 26 KB
10 KB 666ms
665ms Document
text/html 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ba26847182ce506449affd38ee7ecc18fdeeae64b16067f8b2c0866ee7f854b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9546
content-type: text/html; charset=UTF-8
date: Thu, 19 Jan 2023 10:29:41 GMT
expires: Sat, 21 Jan 2023 10:29:41 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 0C0A 35 B
199 B 243ms
242ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5362&lper=1&itypeid=17&itype=ADX&cc=NZ&cid=8CU3SX34C&reqid=PefjQBQXgBdZSFvmsiVYEA&vid=PefjQBQXgBdZSFvmsiVYEA&dn=edocr.com&rawDn=edocr.com&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NZ-AUK&ct=Auckland&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-6b4dc8b6d9-wm5lm.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=137409&sckfl=1&suid=CAESEJJjy3UUqYVrwAuT8cf0txE&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddcOasd421yRZIoLOyoNLpziBylKVNNNuIcGlJDzsO3K7EBe2PX1HAB5KPNhBBB6BuZr&pexid=ADX-pub-6933461940627641&geoll=false&is_ortb=false&s_ip=173.194.93.8&s_city=taipei&commit_id=31198a14&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-01-18+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=NZ&ipcc=NZ&rtttime=66&pvid=9&prvAccId=866743147&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=427170385&prspt=headerBid&prvReqId=32976449169993_878644125_427170385191&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.090&cbdp=0.040&og_cbdp=0.090&ogbdp=0.09&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online%2F&dfpBd=0.040&dt=O&dbf=1&epc=866743147&s=1&snm=SUCCESS&pcrid=8CUABW64L-866743147-3-6&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=94&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&brsrclk=0&bidrestime=1674124179027&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300300025000039600&strg=HARMONY&stagid=aswift_2_expand&vls=0&scrid=1700080807683300300025000039600&mang=1&pvdTmax=254&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&apTags%3C%3E=75&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=300x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=0ba9489b10&acid=e26f2799e13048d9be6136f1d8038df0&rtime=12.0&wsip=mowx-istio-556f588569-fg4jb&ltime=60.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=402904232&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=e26f2799e13048d9be6136f1d8038df0_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=4.742708E-4&ctr_vendor=EXCHANGE&rfc=-1&dfpDiv=aswift_2_expand&feedback_id=PefjQBQXgBdZSFvmsiVYEA&supplyTagId=402904232&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=61&debug_ts=2023-01-19+10%3A29%3A39&__expireat=1674124779281&mview=1&rme=adm&bdata=~bx_len%3D1411~seller_tag_id%3Daswift_2_expand~std%3Daswift_2_expand~itype%3DADX~visibility%3D1~city%3DAUCKLAND~ref_cnt%3D0~r_ip%3D116.90.74.0~r_sc%3DNZ-AUK~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D137409~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d24%3D5~dmm_d25%3Ddef_new_mt~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D300x250~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~bx_ref_url%3D%40Lhz6grA1wm%2F~bx_tml_suffix%3D%2F~bx_epl%3D1~bx_dcl%3D0.001~dmm_m52%3D0.940~iha%3D0~dmm_l%3D0.040~dmm_r%3D0.222~e_rpm%3D0.088~dmm_m1%3D0.088~dmm_m2%3D0.063~dmm_m3%3D1.000~dmm_m5%3D1.024~dmm_m6%3D0.870~dmm_m7%3D0.714~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.922~dmm_m12%3D0.636~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.014~dmm_m16%3D0.222~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.047~dmm_m34%3D1.000~dmm_m39%3D246.000~dmm_m40%3D246.000~dmm_m44%3D1.004~dmm_m45%3D36.000~dmm_m46%3D6139.000~dmm_m47%3D133.000~dmm_m48%3D19989.000~dc%3Dgcp-apac-se1-b~ck_fl%3D2~bhp%3D0~erpm%3D0.088~vbr%3D0~bid%3D0.090~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D%7Eviewability%3D0.94%7Eamp%3D1%7Ecbdp%3D0.040%7Edmm%3Dharmony%7Esuid%3DCAESEJJjy3UUqYVrwAuT8cf0txE%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-6933461940627641%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D402904232%7Esobp%3D%7Ectr%3D4.742708E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.090%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_2_expand%7Edetected_tag_id%3Daswift_2_expand%7Edcut%3D55%7Edogb%3D0-1~ibc%3D1~&utime=1566&sf=0&cpr=0.7965042680207925

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=3600
date: Thu, 19 Jan 2023 10:29:40 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Thu, 19 Jan 2023 16:29:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BFF8 1 KB
643 B 274ms
273ms Document
text/html 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 78184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 12:46:36 GMT
etag: 48472445140208031
expires: Thu, 19 Jan 2023 12:46:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0C0A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cb02bb89e9c01d6e9a463705bbda54319da5809b89eb35dbe98f2f2ceb0501c

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF8
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEFnPIQPDgXsFHj9WjujzFVs&google_cver=1&google_push=AavPq0MInlvWSOS0_v5d5zhhJcxNjJjImHdhs74Beht8VmPbobCsPWjg88wPG9zQ9JGjZRs6hFluI6fqq8cQzlw...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTAzMDY5NjYxMzY&google_push=AavPq0MInlvWSOS0_v5d5zhhJcxNjJjImHdhs74Beht8VmPbobCsPWjg88wPG9zQ9JGjZRs6hFluI6fqq8cQzlwPJezhM...

170 B
232 B

277ms
277ms

Image
image/png

172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTAzMDY5NjYxMzY&google_push=AavPq0MInlvWSOS0_v5d5zhhJcxNjJjImHdhs74Beht8VmPbobCsPWjg88wPG9zQ9JGjZRs6hFluI6fqq8cQzlwPJezhMqVZbpMsTQ8

Requested by

Protocol

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTAzMDY5NjYxMzY&google_push=AavPq0MInlvWSOS0_v5d5zhhJcxNjJjImHdhs74Beht8VmPbobCsPWjg88wPG9zQ9JGjZRs6hFluI6fqq8cQzlwPJezhMqVZbpMsTQ8
Date: Thu, 19 Jan 2023 10:29:42 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF8
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPWch4_Mdr0V5EJQKAtzQHY&google_cver=1&google_push=AavPq0N8xlsFqKZG7CFZOE_enDRxFagV0lwotFJfgQJNxsTjd0ukCfkxwxhYvaD1DPBwyuMrrJLiGxRmM8mZHNh...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=I38kEgqGTvt2c6GGbnWZmHRaSsQ&google_push=AavPq0N8xlsFqKZG7CFZOE_enDRxFagV0lwotFJfgQJNxsTjd0ukCfkxwxhYvaD1DPBwyuMrrJLiGxRmM8mZHN...

170 B
232 B

276ms
276ms

Image
image/png

172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=I38kEgqGTvt2c6GGbnWZmHRaSsQ&google_push=AavPq0N8xlsFqKZG7CFZOE_enDRxFagV0lwotFJfgQJNxsTjd0ukCfkxwxhYvaD1DPBwyuMrrJLiGxRmM8mZHNhhbHwaPRWt0AYelw

Requested by

Protocol

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=I38kEgqGTvt2c6GGbnWZmHRaSsQ&google_push=AavPq0N8xlsFqKZG7CFZOE_enDRxFagV0lwotFJfgQJNxsTjd0ukCfkxwxhYvaD1DPBwyuMrrJLiGxRmM8mZHNhhbHwaPRWt0AYelw
Date: Thu, 19 Jan 2023 10:29:42 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF8
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEODA7-MOjNLv7UlwHsmyXtI&google_cver=1&google_push=AavPq0PTJXkua8kcwbCp81Ygp46Mvh7raQ64FQHUQtzNHnP8fAdba-YXtozH0GyzmK8QuTRCjwOrJwW3oFPx8sBG...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=36a898f5&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0PTJXkua8kcwbCp81Ygp46Mvh7raQ64FQHUQtzNHnP8...

170 B
243 B

279ms
279ms

Image
image/png

172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=36a898f5&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0PTJXkua8kcwbCp81Ygp46Mvh7raQ64FQHUQtzNHnP8fAdba-YXtozH0GyzmK8QuTRCjwOrJwW3oFPx8sBGFYb8yUmS5KVvFXU

Requested by

Protocol

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Jan 2023 10:29:41 GMT
via: 1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=36a898f5&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0PTJXkua8kcwbCp81Ygp46Mvh7raQ64FQHUQtzNHnP8fAdba-YXtozH0GyzmK8QuTRCjwOrJwW3oFPx8sBGFYb8yUmS5KVvFXU
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: HHpQ_iuZkRzhzT1g8MhUY_Yfondhrtdt46xS1xV490XX7LUdYSz12A==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF8
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEN6WP0BvsjCQK5UFJ7tdomg&google_cver=1&google_push=AavPq0NXfGTqIQaXybajmL1NqjNX6-_QrWTYuoJfBRl8q69d7uklDGMyxtD5FnVPwrtbdu9U9JCJgiTyi4NVHz0tJsQvjoeNFLS...
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NXfGTqIQaXybajmL1NqjNX6-_QrWTYuoJfBRl8q69d7uklDGMyxtD5FnVPwrtbdu9U9JCJgiTyi4NVHz0tJsQvjoeNFLSw-Po&google_hm=ZzFlNWEzNzFjNjI4N...

170 B
232 B

276ms
276ms

Image
image/png

172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NXfGTqIQaXybajmL1NqjNX6-_QrWTYuoJfBRl8q69d7uklDGMyxtD5FnVPwrtbdu9U9JCJgiTyi4NVHz0tJsQvjoeNFLSw-Po&google_hm=ZzFlNWEzNzFjNjI4NjllMjFlNzM=

Requested by

Protocol

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:41 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NXfGTqIQaXybajmL1NqjNX6-_QrWTYuoJfBRl8q69d7uklDGMyxtD5FnVPwrtbdu9U9JCJgiTyi4NVHz0tJsQvjoeNFLSw-Po&google_hm=ZzFlNWEzNzFjNjI4NjllMjFlNzM=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET pub
cs.chocolateplatform.com/ Frame BFF8 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF8
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDhYD_pex2AbvnOEsGMqw7s&google_cver=1&google_push=AavPq0P3JmkV-gdTKYjkU1_GbPHYLjfS6T_qDds5IUsoglAuTAZXrrIEoF96j_FUn6WmX61qN5UwB...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0P3JmkV-gdTKYjkU1_GbPHYLjfS6T_qDds5IUsoglAuTAZXrrIEoF96j_FUn6WmX61qN5UwBRg3-Stsl18-V3inaR_i6I3VOt8&google_hm=WThrYmxj...

170 B
232 B

277ms
277ms

Image
image/png

172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0P3JmkV-gdTKYjkU1_GbPHYLjfS6T_qDds5IUsoglAuTAZXrrIEoF96j_FUn6WmX61qN5UwBRg3-Stsl18-V3inaR_i6I3VOt8&google_hm=WThrYmxjQ281c0VBQUdxUkhNa0FBQUFB

Requested by

Protocol

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Thu, 19 Jan 2023 10:29:41 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEDhYD_pex2AbvnOEsGMqw7s&google_cver=1&google_push=AavPq0P3JmkV-gdTKYjkU1_GbPHYLjfS6T_qDds5IUsoglAuTAZXrrIEoF96j_FUn6WmX61qN5UwBRg3-Stsl18-V3inaR_i6I3VOt8","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.196","key":"Y8kblcCo5sEAAGqRHMkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad418"}
X-SO-Key: Y8kblcCo5sEAAGqRHMkAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad418
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0P3JmkV-gdTKYjkU1_GbPHYLjfS6T_qDds5IUsoglAuTAZXrrIEoF96j_FUn6WmX61qN5UwBRg3-Stsl18-V3inaR_i6I3VOt8&google_hm=WThrYmxjQ281c0VBQUdxUkhNa0FBQUFB
Cache-Control: private
X-SO-HostName: m-ad418.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 0
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-IP: 116.90.74.196

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF8
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEDt513KxqUyqILoD7u_J0fE&google_cver=1&google_push=AavPq0Mxm9WD2iPrLpCZUwoHu3y9U1vFDOmlGrX_524OQzhy6grXK9VWWYDRzS3ypQjpHdqsMB8g6JRoFjJ89OJ5-cWUn7DTdEHv6Qw
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0Mxm9WD2iPrLpCZUwoHu3y9U1vFDOmlGrX_524OQzhy6grXK9VWWYDRzS3ypQjpHdqsMB8g6JRoFjJ89OJ5-cWUn7DTdEHv6Qw&google_hm=3d21bc972a730ba7...

170 B
232 B

278ms
277ms

Image
image/png

172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0Mxm9WD2iPrLpCZUwoHu3y9U1vFDOmlGrX_524OQzhy6grXK9VWWYDRzS3ypQjpHdqsMB8g6JRoFjJ89OJ5-cWUn7DTdEHv6Qw&google_hm=3d21bc972a730ba7dcf9382e1e3af46c

Requested by

Protocol

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0Mxm9WD2iPrLpCZUwoHu3y9U1vFDOmlGrX_524OQzhy6grXK9VWWYDRzS3ypQjpHdqsMB8g6JRoFjJ89OJ5-cWUn7DTdEHv6Qw&google_hm=3d21bc972a730ba7dcf9382e1e3af46c
date: Thu, 19 Jan 2023 10:29:41 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BFF8 0
232 B 823ms
274ms Image
text/html 172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13La8L90xIkfrYeM9tupcUpXF2l0EQWVMPHCY6FyVnXI7s2aSQwakh9e81Ivt8df6EvIoRgz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:29:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

cksync
cs.media.net/ Frame 3DCE
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzE3MTI1NzgxNzQ0MzYyMjAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIY6zTZmoC0OBYpfkmwsCoQ&google_cver=1

45 B
446 B

266ms
265ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIY6zTZmoC0OBYpfkmwsCoQ&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:42 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Thu, 19 Jan 2023 10:29:42 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIY6zTZmoC0OBYpfkmwsCoQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 3DCE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=90e6a50c-0497-4205-918c-61977a6dfe2e

45 B
450 B

271ms
265ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=90e6a50c-0497-4205-918c-61977a6dfe2e
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:42 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Thu, 19 Jan 2023 10:29:42 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=90e6a50c-0497-4205-918c-61977a6dfe2e
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 199

GET
H2

200

cksync.php
contextual.media.net/ Frame 3DCE
Redirect Chain

https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
https://contextual.media.net/cksync.php?cs=1&ovsid=bffef011-1289-4e61-a641-6413348ed62f&type=loop&gdpr_consent=null&gdpr=0

45 B
465 B

281ms
281ms

Image
image/gif

104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&ovsid=bffef011-1289-4e61-a641-6413348ed62f&type=loop&gdpr_consent=null&gdpr=0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Protocol

Server

104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 10:29:42 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Thu, 19 Jan 2023 10:29:42 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=1&ovsid=bffef011-1289-4e61-a641-6413348ed62f&type=loop&gdpr_consent=null&gdpr=0
date: Thu, 19 Jan 2023 10:29:42 GMT
server: _
content-length: 0

GET
DATA 200
OK truncated
/ Frame A97A 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A97A 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A97A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame A97A 15 B
159 B 247ms
246ms Script
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5861&&&vgd_l2type=scs_newfl&fp=iqfz-5ChLfNJ3PKwIQCxzZdn59TmR6FBuYDOaZkWw_YYT7CwHBqQ4Gxhx9GPpCL2pyqlK6jaF8MXD6IzcD1SiKKLshq-qerYWDVfHi4qlG_vN00amp2JMjdVZ4rnbLG-&cme=ZwqthxoAZkMgw1VvV6cWm-MzKyjvGHebjPGL0rZUpXjZm5DkxjUrzdA2bgoOQoTN9xR4wcR74c_ACcHnJQnTZYsfPWmGlyE25ETtyA2vyizIm0FS2Q-UtenlPWpZMg82mNqOfTRt0rOA4RLdaXn9zKMfZ-IqdZkLRxPer9DFa9C_eFkWnB5XsOgvhDdjfYiShYg0dhvqWszLye0pHSeDI7NwaRTVZiKv%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CJP1ouW2o_8ClpnCa3I7g21lZjI8-DfCb%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CvqpJFuMUfjkSbiUbtxUmIoY_pMixcOK8Wk0OzJLqcBFSO2sYY_Kg6wqCIDef7SCFZz5FfN9LIBG6jnxefjHbx6r09emCtUoxAtdkLFyjhig%3D%7CseddMFiEghig_o8cMFUpBBiE5ifI4IJ-3E06NMpSfE-O0ME4cLdlsyQEuBfWHI9ZsthVLGfbgkECkXOpXFX6-luNIfs9ALn_klhFmzu5PmzTu23fkFwRnPeHuGbdBBGxihi5_OSYhk6WhUETkipGDMBxYc3o7EFEhgQltx2QQNTd_Dm6kgQsGGUtnGH2-kiYWFWG0ScboTJyE3NnQk02aAp4SIcYrW8Gc5D__j5sjplM4krbu2TIjWrYFFRdH6G0Jr22-7xbXtc%3D%7C&subBdr=99&bdrid=9&ksu=224&fdkt=240&vgde_kbbh=fuoyxQBuG&kwd[]=Cheap+Online+Advertising&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=1&kid[]=5673642&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.21%7C10%3D3.84%7C66%3D0.63%7C63%3D0.11%7C60%3D1.01%7C12%3D0.45%7C1%3D0.77%7C2%3D1.78%7Cps%3D0.540&ktd[]=274911854848&ktrkt[]=Cheap+Online+Advertising&kwd[]=Advertising+on+The+Web&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=2&kid[]=1046260&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.38%7C10%3D3.84%7C66%3D0.67%7C63%3D0.11%7C60%3D4.21%7C12%3D1.23%7C1%3D2.96%7C2%3D10.03%7Cps%3D0.540&ktd[]=274911854848&ktrkt[]=Advertising+on+The+Web&kwd[]=Network+Security+Tools&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=3&kid[]=20331279&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.62%7C10%3D3.84%7C66%3D0.67%7C63%3D0.11%7C60%3D1.06%7C12%3D0.51%7C1%3D0.84%7C2%3D3.37%7Cps%3D0.540%7C3%3D1.97%7C4%3D1.00&ktd[]=274911854848&ktrkt[]=Network+Security+Tools&kwd[]=Internet+Marketing+SEO&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=4&kid[]=15275131&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.38%7C10%3D3.84%7C66%3D0.67%7C63%3D0.11%7C60%3D2.38%7C12%3D1.74%7C1%3D2.06%7C2%3D9.24%7Cps%3D0.540&ktd[]=274895077632&ktrkt[]=Internet+Marketing+SEO&kwd[]=Online+Advertising+Trends&kwt[]=240&kbc[]=68cd06cea3805a30171fed7650087e02.d2s&kwp[]=5&kid[]=21217912&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.38%7C10%3D3.84%7C66%3D0.67%7C63%3D0.11%7C60%3D2.38%7C12%3D1.74%7C1%3D2.06%7C2%3D9.24%7Cps%3D0.540%7C3%3D0.06%7C4%3D1.00&ktd[]=274911854848&ktrkt[]=Online+Advertising+Trends&v=1&geo=-36.85%7C174.77&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=NZ&wsip=170762594&bca=0&ugd=4&vgde_setid=Nfu&cid=8CUABW64L&vi=1674124180218102467&vsid=3171257807443608&tdAdd[]=asnum%3D137409&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_implt=3&vgd_cage=0&vgd_l3_sc=AUK&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=427170385&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=79568&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=auckland&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1674124179193670291&tsrc=entity&sttm=1674124180605&upk=1674124181.8327&hvsid=00001674124180605019520744367492&verid=3111299&sbdrId=99&vgd_ecrid=1700080807683300300025000039600&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POHZR87R&&abpl=2&&kbbq=%26asn%3D137409&&vgd_vstrid=3171257807443608&vgde_bdata=~G-MjJzvuHuu~QJjjJLM71yM8Ov1QB8k7MfMJ-E1zO~Q7Ov1QB8k7MfMJ-E1zO~875EJvKrt~e8Q8G8j875vu~N875vKP%3DCTKIr~LJkMNz7v9~LM8EvuuF.i9.hH.9~LMQNvI2oKPC~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1QzvuAhH9i~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHvu9~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvWX~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMzJBMY7~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv99u99uu~G-M8z7YOv9~G-My8zQxv9~G-MNQv9~G-MQ8lJvA99-fX9~G-M1yjf1Mjv9~G-Mjf1Qv9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~G-MLJkMxLjv%40TwlFyLKuBYS~G-M7YjMQxkk8-vS~G-MJEjvu~G-MONjv9.99u~OYYMYXfv9.iH9~8w1v9~OYYMjv9.9H9~OYYMLv9.fff~JMLEYv9.9WW~OYYMYuv9.9WW~OYYMYfv9.9FA~OYYMYAvu.999~OYYMYXvu.9fH~OYYMYFv9.Wh9~OYYMYhv9.huH~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.iff~OYYMYufv9.FAF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9uH~OYYMYuFv9.fff~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAAv9.9Hh~OYYMYAHvu.999~OYYMYAivfHF.999~OYYMYH9vfHF.999~OYYMYHHvu.99H~OYYMYHXvAF.999~OYYMYHFvFuAi.999~OYYMYHhvuAA.999~OYYMYHWvuiiWi.999~ONvyNEo1E1NoQJuoG~NUMkjvf~GwEv9~JLEYv9.9WW~eGLv9~G8Ov9.9i9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8Ov~e8JB1G8j875v9.iH~1YEvu~NGOEv9.9H9~OYYvw1LYmz5~Qx8Ov%3DK4b466d5APP%203%2FLBKx_WNk97-4~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoFiAAHFuiH9FfhFHu~O1jyvxz8Qmzuf~w7Yjvu~1OGjUvH9fi9HfAf~QmGEv~N7LvH.hHfh9W4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9i9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MfMJ-E1zO~OJ7JN7JOM71yM8Ov1QB8k7MfMJ-E1zO~ONx7vXX~OmyGv9ou~8GNvu~&vgd_bhv_kbb=-1&vgd_cfud=220926&vgd_scsver=385&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&&vgd_uspa=0&vgd_l1rhst=contextual.media.net&hvsid=00001674124180605019520744367492&rc=0&rand=1674124181386&acid=e26f2799e13048d9be6136f1d8038df0&matm=1674124181386&requrl=https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time&vgd_ltimesrc=1&vgd_ltime=2040&vgd_rtime=2032&vgd_etm=22&vgd_l1hcsd=A33%7C371&vgd_l1ch=1&vgd_lhl=3494&vgd_pgid=p02125601074t202301191029&vgd_adprefflag=11&vgd_csip=rtb-common-istio-6b4dc8b6d9-wm5lm.SG&vgd_sbSup=1&vgd_nrrs=79568&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: www.edocr.com
URL: https://www.edocr.com/v/8qrxzgrd/gerrileebarnett/it-was-2022-at-the-time

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Thu, 19 Jan 2023 10:29:41 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=14979
content-length: 15

GET
H2 200 log
hblg.media.net/ Frame 0C0A 35 B
200 B 242ms
242ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?log=kfk&evtid=adplog&&lper=1&itypeid=17&itype=ADX&cc=NZ&cid=8CU3SX34C&reqid=PefjQBQXgBdZSFvmsiVYEA&vid=PefjQBQXgBdZSFvmsiVYEA&dn=edocr.com&rawDn=edocr.com&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NZ-AUK&ct=Auckland&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-6b4dc8b6d9-wm5lm.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=137409&sckfl=1&suid=CAESEJJjy3UUqYVrwAuT8cf0txE&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddcOasd421yRZIoLOyoNLpziBylKVNNNuIcGlJDzsO3K7EBe2PX1HAB5KPNhBBB6BuZr&pexid=ADX-pub-6933461940627641&geoll=false&is_ortb=false&s_ip=173.194.93.8&s_city=taipei&commit_id=31198a14&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-01-18+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=NZ&ipcc=NZ&rtttime=66&pvid=9&prvAccId=866743147&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=427170385&prspt=headerBid&prvReqId=32976449169993_878644125_427170385191&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.090&cbdp=0.040&og_cbdp=0.090&ogbdp=0.09&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online%2F&dfpBd=0.040&dt=O&dbf=1&epc=866743147&s=1&snm=SUCCESS&pcrid=8CUABW64L-866743147-3-6&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=94&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&brsrclk=0&bidrestime=1674124179027&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300300025000039600&strg=HARMONY&stagid=aswift_2_expand&vls=0&scrid=1700080807683300300025000039600&mang=1&pvdTmax=254&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&apTags%3C%3E=75&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=300x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=0ba9489b10&acid=e26f2799e13048d9be6136f1d8038df0&rtime=12.0&wsip=mowx-istio-556f588569-fg4jb&ltime=60.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=402904232&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=e26f2799e13048d9be6136f1d8038df0_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=4.742708E-4&ctr_vendor=EXCHANGE&rfc=-1&dfpDiv=aswift_2_expand&feedback_id=PefjQBQXgBdZSFvmsiVYEA&supplyTagId=402904232&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=61&debug_ts=2023-01-19+10%3A29%3A39&__expireat=1674124779281&mview=1&rme=adm&bdata=~bx_len%3D1411~seller_tag_id%3Daswift_2_expand~std%3Daswift_2_expand~itype%3DADX~visibility%3D1~city%3DAUCKLAND~ref_cnt%3D0~r_ip%3D116.90.74.0~r_sc%3DNZ-AUK~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D137409~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d24%3D5~dmm_d25%3Ddef_new_mt~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D300x250~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~bx_ref_url%3D%40Lhz6grA1wm%2F~bx_tml_suffix%3D%2F~bx_epl%3D1~bx_dcl%3D0.001~dmm_m52%3D0.940~iha%3D0~dmm_l%3D0.040~dmm_r%3D0.222~e_rpm%3D0.088~dmm_m1%3D0.088~dmm_m2%3D0.063~dmm_m3%3D1.000~dmm_m5%3D1.024~dmm_m6%3D0.870~dmm_m7%3D0.714~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.922~dmm_m12%3D0.636~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.014~dmm_m16%3D0.222~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.047~dmm_m34%3D1.000~dmm_m39%3D246.000~dmm_m40%3D246.000~dmm_m44%3D1.004~dmm_m45%3D36.000~dmm_m46%3D6139.000~dmm_m47%3D133.000~dmm_m48%3D19989.000~dc%3Dgcp-apac-se1-b~ck_fl%3D2~bhp%3D0~erpm%3D0.088~vbr%3D0~bid%3D0.090~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D%7Eviewability%3D0.94%7Eamp%3D1%7Ecbdp%3D0.040%7Edmm%3Dharmony%7Esuid%3DCAESEJJjy3UUqYVrwAuT8cf0txE%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-6933461940627641%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D402904232%7Esobp%3D%7Ectr%3D4.742708E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.090%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_2_expand%7Edetected_tag_id%3Daswift_2_expand%7Edcut%3D55%7Edogb%3D0-1~ibc%3D1~&utime=1566&sf=0&cpr=0.7965042680207925&evttyp=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 10:29:41 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 19 Jan 2023 10:29:41 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame 0C0A 15 B
15 B 245ms
245ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=3703&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=427170385&vgd_l2type=scs_newfl&pid=8POHZR87R&katen=1&katbid=-103&cme=ZwqthxoAZkMgw1VvV6cWm-MzKyjvGHebjPGL0rZUpXjZm5DkxjUrzdA2bgoOQoTN9xR4wcR74c_ACcHnJQnTZYsfPWmGlyE25ETtyA2vyizIm0FS2Q-UtenlPWpZMg82mNqOfTRt0rOA4RLdaXn9zKMfZ-IqdZkLRxPer9DFa9C_eFkWnB5XsOgvhDdjfYiShYg0dhvqWszLye0pHSeDI7NwaRTVZiKv||u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|JP1ouW2o_8ClpnCa3I7g21lZjI8-DfCb|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|vqpJFuMUfjkSbiUbtxUmIoY_pMixcOK8Wk0OzJLqcBFSO2sYY_Kg6wqCIDef7SCFZz5FfN9LIBG6jnxefjHbx6r09emCtUoxAtdkLFyjhig=|seddMFiEghig_o8cMFUpBBiE5ifI4IJ-3E06NMpSfE-O0ME4cLdlsyQEuBfWHI9ZsthVLGfbgkECkXOpXFX6-luNIfs9ALn_klhFmzu5PmzTu23fkFwRnPeHuGbdBBGxihi5_OSYhk6WhUETkipGDMBxYc3o7EFEhgQltx2QQNTd_Dm6kgQsGGUtnGH2-kiYWFWG0ScboTJyE3NnQk02aAp4SIcYrW8Gc5D__j5sjplM4krbu2TIjWrYFFRdH6G0Jr22-7xbXtc=|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=866743147&requrl=https%3A%2F%2Fwww.edocr.com%2Fv%2F8qrxzgrd%2Fgerrileebarnett%2Fit-was-2022-at-the-time&vi=1674124180218102467&ugd=4&cc=NZ&bdrid=9&subBdr=99&startTime=1674124180598&vgd_l1rakh=1674124179193670291&l1ch=1&tsrc=entity&sttm=1674124180605&upk=1674124181.8327&hvsid=00001674124180605019520744367492&acid=e26f2799e13048d9be6136f1d8038df0&verid=3111299&vgd_bdata=~bx_len%3D1411~seller_tag_id%3Daswift_2_expand~std%3Daswift_2_expand~itype%3DADX~visibility%3D1~city%3DAUCKLAND~ref_cnt%3D0~r_ip%3D116.90.74.0~r_sc%3DNZ-AUK~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D137409~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d24%3D5~dmm_d25%3Ddef_new_mt~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D300x250~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~bx_ref_url%3D%40Lhz6grA1wm%2F~bx_tml_suffix%3D%2F~bx_epl%3D1~bx_dcl%3D0.001~dmm_m52%3D0.940~iha%3D0~dmm_l%3D0.040~dmm_r%3D0.222~e_rpm%3D0.088~dmm_m1%3D0.088~dmm_m2%3D0.063~dmm_m3%3D1.000~dmm_m5%3D1.024~dmm_m6%3D0.870~dmm_m7%3D0.714~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.922~dmm_m12%3D0.636~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.014~dmm_m16%3D0.222~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.047~dmm_m34%3D1.000~dmm_m39%3D246.000~dmm_m40%3D246.000~dmm_m44%3D1.004~dmm_m45%3D36.000~dmm_m46%3D6139.000~dmm_m47%3D133.000~dmm_m48%3D19989.000~dc%3Dgcp-apac-se1-b~ck_fl%3D2~bhp%3D0~erpm%3D0.088~vbr%3D0~bid%3D0.090~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D%7Eviewability%3D0.94%7Eamp%3D1%7Ecbdp%3D0.040%7Edmm%3Dharmony%7Esuid%3DCAESEJJjy3UUqYVrwAuT8cf0txE%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-6933461940627641%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D402904232%7Esobp%3D%7Ectr%3D4.742708E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.090%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_2_expand%7Edetected_tag_id%3Daswift_2_expand%7Edcut%3D55%7Edogb%3D0-1~ibc%3D1~&infr=1&twna=1&stime=1674124179380&vgd_ecrid=1700080807683300300025000039600&l1hcsd=l1!A33|371&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p02125601074t202301191029&vgd_pgids=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Thu, 19 Jan 2023 10:29:42 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=58578
content-length: 15

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 283ms
282ms XHR
application/json 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230117&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d91d9d7d412be6e639ec0cb0a3b588cd57bc69b55b8d26d6d77d297275d9b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12430
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 275ms
275ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_fy2021.js?bust=31071641

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.edocr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 10:29:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF43 13 KB
5 KB 275ms
274ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
age: 338541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 12:27:22 GMT
expires: Mon, 15 Jan 2024 12:27:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5F06 783 B
998 B 284ms
283ms Document
text/html 74.125.68.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f105.1e100.net

Software

GSE /

Resource Hash

112637bf89ef21d55fe99c6949e33eda72988f9a48f8af5229a054a2dda99c61

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mbx4J4sRuqmou_UsDrw8HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edocr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-mbx4J4sRuqmou_UsDrw8HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 10:29:43 GMT
expires: Thu, 19 Jan 2023 10:29:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5F06 0
0 274ms
274ms Image
text/html 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230117&jk=1530274202853281&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame DF43 36 KB
16 KB 274ms
274ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS