paddyofegans.com Open in urlscan Pro
15.168.174.130 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paddyofegans.com/
Submission: On November 26 via api (November 26th 2024, 9:14:18 pm UTC) from US — Scanned from JP

Summary HTTP 462 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 89 IPs in 13 countries across 66 domains to perform 462 HTTP transactions. The main IP is 15.168.174.130, located in Osaka, Japan and belongs to AMAZON-02, US. The main domain is paddyofegans.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 22nd 2024. Valid for: 3 months.

This is the only time paddyofegans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	15.168.174.130 15.168.174.130	16509 (AMAZON-02) (AMAZON-02)
43	172.67.21.210 172.67.21.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.1.55 151.101.1.55	54113 (FASTLY) (FASTLY)
1	23.51.131.10 23.51.131.10	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.4.218.122 46.4.218.122	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
5	133.186.12.49 133.186.12.49	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
2	2606:4700::68... 2606:4700::6810:8041	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.19.129.76 104.19.129.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	163.181.129.201 163.181.129.201	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	13.200.1.252 13.200.1.252	16509 (AMAZON-02) (AMAZON-02)
1	104.238.220.6 104.238.220.6	23470 (RELIABLESITE) (RELIABLESITE)
1	172.67.189.45 172.67.189.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.99.126.163 139.99.126.163	16276 (OVH OVH SAS) (OVH OVH SAS)
5	23.32.225.140 23.32.225.140	16625 (AKAMAI-AS) (AKAMAI-AS)
9	151.101.195.52 151.101.195.52	54113 (FASTLY) (FASTLY)
1	172.67.135.246 172.67.135.246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:26a... 2600:9000:26a9:6c00:a:e047:754:f4a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::46 2620:1ec:bdf::46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
13	51.79.154.29 51.79.154.29	16276 (OVH OVH SAS) (OVH OVH SAS)
2	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2	3.163.218.21 3.163.218.21	16509 (AMAZON-02) (AMAZON-02)
1	34.36.214.49 34.36.214.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
61	142.250.196.130 142.250.196.130	15169 (GOOGLE) (GOOGLE)
3	13.249.153.39 13.249.153.39	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:221... 2600:9000:2218:a600:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:ff40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.32.224.239 23.32.224.239	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:6ea0:d30... 2a02:6ea0:d300::33	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	151.101.3.52 151.101.3.52	54113 (FASTLY) (FASTLY)
6	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 6	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
4	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	185.59.208.177 185.59.208.177	43541 (VSHOSTING...) (VSHOSTING VSHosting s.r.o.)
1	18.65.100.35 18.65.100.35	16509 (AMAZON-02) (AMAZON-02)
1	18.65.154.135 18.65.154.135	16509 (AMAZON-02) (AMAZON-02)
10	64.120.110.137 64.120.110.137	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
10	69.173.158.92 69.173.158.92	26667 (RUBICONPR...) (RUBICONPROJECT)
36	2406:2600:4::12 2406:2600:4::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
19	103.43.90.149 103.43.90.149	29990 (ASN-APPNEX) (ASN-APPNEX)
9	207.65.34.79 207.65.34.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7	35.156.62.221 35.156.62.221	16509 (AMAZON-02) (AMAZON-02)
11	69.173.158.65 69.173.158.65	26667 (RUBICONPR...) (RUBICONPROJECT)
9	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd)
7	131.153.206.100 131.153.206.100	59210 (PHOENIXNA...) (PHOENIXNAP-AS-SG1 PhoenixNAP)
1	188.65.124.59 188.65.124.59	41690 (DAILYMOTI...) (DAILYMOTION Dailymotion S.A.)
1	139.99.126.164 139.99.126.164	16276 (OVH OVH SAS) (OVH OVH SAS)
1	172.67.68.240 172.67.68.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:80c::2001	15169 (GOOGLE) (GOOGLE)
3	52.196.7.28 52.196.7.28	16509 (AMAZON-02) (AMAZON-02)
4	23.106.127.34 23.106.127.34	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
2	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	103.43.90.179 103.43.90.179	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2406:2600:4::c 2406:2600:4::c	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	34.1.195.200 34.1.195.200	15169 (GOOGLE) (GOOGLE)
1	184.27.209.254 184.27.209.254	16625 (AKAMAI-AS) (AKAMAI-AS)
3	172.175.38.6 172.175.38.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:204... 2600:9000:2047:9400:1:420f:ab00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	65.0.226.243 65.0.226.243	16509 (AMAZON-02) (AMAZON-02)
2	172.179.183.128 172.179.183.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	182.22.16.251 182.22.16.251	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
1	2600:9000:204... 2600:9000:2047:a800:10:b8e:a980:93a1	16509 (AMAZON-02) (AMAZON-02)
1	103.253.24.61 103.253.24.61	6939 (HURRICANE) (HURRICANE)
1	23.52.168.23 23.52.168.23	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
7	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
2	192.229.237.180 192.229.237.180	15133 (EDGECAST) (EDGECAST)
1	23.106.127.161 23.106.127.161	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
1	172.67.140.193 172.67.140.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.231.230.148 52.231.230.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.42.196 142.251.42.196	15169 (GOOGLE) (GOOGLE)
1	2600:140b:400... 2600:140b:400::172d:33d9	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	23.2.37.82 23.2.37.82	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.84.60.20 185.84.60.20	198622 (ADFORM Ad...) (ADFORM Adform A/S)
8	23.106.50.39 23.106.50.39	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
1 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	54.249.189.79 54.249.189.79	16509 (AMAZON-02) (AMAZON-02)
2 2	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
5	43.129.34.52 43.129.34.52	() ()
1	2600:9000:221... 2600:9000:221d:9800:f:4f64:8940:93a1	() ()
1	131.153.206.102 131.153.206.102	() ()
2	35.71.131.137 35.71.131.137	() ()
1	23.33.32.129 23.33.32.129	() ()
1	151.101.65.108 151.101.65.108	() ()
1 1	80.77.87.161 80.77.87.161	() ()
2 2	182.161.74.16 182.161.74.16	() ()
1 1	45.137.176.88 45.137.176.88	() ()
3 3	35.213.7.90 35.213.7.90	() ()
2	2406:2600:4::2c 2406:2600:4::2c	() ()
462	89

7 15.168.174.130 (Osaka, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-168-174-130.ap-northeast-3.compute.amazonaws.com

paddyofegans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 172.67.21.210 (United States)

ASN13335 (CLOUDFLARENET, US)

www.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data-rengine.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

i4.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.55 (San Francisco, United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.131.10 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-131-10.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.218.122 (Bad Muenstereifel, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.122.218.4.46.clients.your-server.de

fzgrpqktmq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 133.186.12.49 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p049.net133186012.broadline.ne.jp

cpt.geniee.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8041 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.129.76 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.181.129.201 (Tokyo, Japan)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

scripts.jixie.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.200.1.252 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-200-1-252.ap-south-1.compute.amazonaws.com

geo.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.238.220.6 (Los Angeles, United States)

ASN23470 (RELIABLESITE, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.189.45 (United States)

ASN13335 (CLOUDFLARENET, US)

tokojelly.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.99.126.163 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: tinong247.vn

click.advertnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.32.225.140 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-225-140.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.195.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

delivery.r2b2.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.135.246 (United States)

ASN13335 (CLOUDFLARENET, US)

sso.thevivanetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a9:6c00:a:e047:754:f4a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 51.79.154.29 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ip29.ip-51-79-154.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.163.218.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-163-218-21.kix56.r.cloudfront.net

hb.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com

pa.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.249.153.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-153-39.nrt51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2218:a600:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ff40 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.32.224.239 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-224-239.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:d300::33 (Tokyo, Japan)

ASN60068 (CDN77 Datacamp Limited, GB)

topics.authorizedvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.3.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

delivery.r2b2.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2406:2600:4::b (Japan) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.59.208.177 (Czech Republic)

ASN43541 (VSHOSTING VSHosting s.r.o., CZ)
PTR: webgarden-track-lb-ha.vshosting.cz

track.us.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.100.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-100-35.kix50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.154.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-154-135.nrt51.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 64.120.110.137 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.158.92 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 103.43.90.149 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

r2b2-apac.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 207.65.34.79 (United States)

ASN62713 (AS-PUBMATIC, US)

openbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.156.62.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-62-221.eu-central-1.compute.amazonaws.com

hb.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 131.153.206.100 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.59 (Paris, France)

ASN41690 (DAILYMOTION Dailymotion S.A., FR)
PTR: ebed2.dm.gg

pebed.dm-event.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.99.126.164 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ip164.ip-139-99-126.net

advertnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.68.240 (United States)

ASN13335 (CLOUDFLARENET, US)

api-rengine-stg.viva.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:80c::2001 (Australia)

ASN15169 (GOOGLE, US)

711849abfba5b159000eb2dbe19c976f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0895f0aa2c467178304330755a52a8b5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8eae539367dce3dd3a72a46447c5a1ba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3b1732374ca94e347ee8dc574bf7695.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a298434c674fa411777e4938d023c5f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0149f852a20148c48665bbfb5d8cb3f1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
258900d3f0256004d783bfc403da5710.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
79c873eb841a3c001651f4050b696596.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
488e4f192ad925b4a575ad2fc52cc3d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
523d35f3b6d84a8f23c17db7b4f92b4b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
124e66e75d2bbd3ab7884a0aaef82fd2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
022d54c880901c78833bc7e5a486d0b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.196.7.28 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-7-28.ap-northeast-1.compute.amazonaws.com

mweb-hb.presage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms-cookie-sync.presage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.106.127.34 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)

prg-apac.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www18.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.179 (Singapore, Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::c (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

grid-bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.1.195.200 (United States)

ASN15169 (GOOGLE, US)
PTR: 200.195.1.34.bc.googleusercontent.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.27.209.254 (Seattle, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-27-209-254.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.175.38.6 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:9400:1:420f:ab00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.0.226.243 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-65-0-226-243.ap-south-1.compute.amazonaws.com

cengineapi.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.179.183.128 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mcdp-wndc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.16.251 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

yads.c.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:a800:10:b8e:a980:93a1 (United States)

ASN16509 (AMAZON-02, US)

creative-p.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.253.24.61 (Singapore)

ASN6939 (HURRICANE, US)

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.168.23 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-52-168-23.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.237.180 (United States)

ASN15133 (EDGECAST, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.161 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)

www18.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.140.193 (United States)

ASN13335 (CLOUDFLARENET, US)

js.content-rec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.231.230.148 (Busan, Korea, Republic Of) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.196 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:400::172d:33d9 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

sync6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

genieeintl-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.2.37.82 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-37-82.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.20 (Denmark) 2 redirects

ASN198622 (ADFORM Adform A/S, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.106.50.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.249.189.79 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-189-79.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.196.131 (Sunnyvale, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 43.129.34.52 (None, )

ASN- ()

traid.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:221d:9800:f:4f64:8940:93a1 (None, )

ASN- ()

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.206.102 (None, )

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.33.32.129 (None, )

ASN- ()

accounts.tokopedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (None, ) 1 redirects

ASN- ()

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.16 (None, ) 2 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.137.176.88 (None, ) 1 redirects

ASN- ()

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.7.90 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::2c (None, )

ASN- ()

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	doubleclick.net td.doubleclick.net — Cisco Umbrella Rank: 182 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	189 KB
51	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 450 mug.criteo.com — Cisco Umbrella Rank: 3746 bidder.criteo.com — Cisco Umbrella Rank: 949 grid-bidder.criteo.com — Cisco Umbrella Rank: 1731 dis.criteo.com ssp-sync.criteo.com	12 KB
43	viva.co.id www.viva.co.id — Cisco Umbrella Rank: 128129 Failed data-rengine.viva.co.id — Cisco Umbrella Rank: 397426	286 KB
25	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3385 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 913 fastlane.rubiconproject.com — Cisco Umbrella Rank: 505 eus.rubiconproject.com — Cisco Umbrella Rank: 616	128 KB
22	adnxs.com 1 redirects r2b2-apac.adnxs.com — Cisco Umbrella Rank: 61871 ib.adnxs.com — Cisco Umbrella Rank: 281 acdn.adnxs.com secure.adnxs.com	26 KB
19	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403 Failed	155 KB
13	smartadserver.com prg-apac.smartadserver.com — Cisco Umbrella Rank: 8519 www18.smartadserver.com — Cisco Umbrella Rank: 33881 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739	9 KB
13	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 570 openbid.pubmatic.com — Cisco Umbrella Rank: 36024	91 KB
13	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 712	4 KB
12	googlesyndication.com 711849abfba5b159000eb2dbe19c976f.safeframe.googlesyndication.com 0895f0aa2c467178304330755a52a8b5.safeframe.googlesyndication.com 8eae539367dce3dd3a72a46447c5a1ba.safeframe.googlesyndication.com c3b1732374ca94e347ee8dc574bf7695.safeframe.googlesyndication.com a298434c674fa411777e4938d023c5f6.safeframe.googlesyndication.com 0149f852a20148c48665bbfb5d8cb3f1.safeframe.googlesyndication.com 258900d3f0256004d783bfc403da5710.safeframe.googlesyndication.com 79c873eb841a3c001651f4050b696596.safeframe.googlesyndication.com 488e4f192ad925b4a575ad2fc52cc3d3.safeframe.googlesyndication.com pagead2.googlesyndication.com Failed 523d35f3b6d84a8f23c17db7b4f92b4b.safeframe.googlesyndication.com 124e66e75d2bbd3ab7884a0aaef82fd2.safeframe.googlesyndication.com 022d54c880901c78833bc7e5a486d0b8.safeframe.googlesyndication.com
10	e-planning.net pbjs.e-planning.net — Cisco Umbrella Rank: 12961	2 KB
10	r2b2.io delivery.r2b2.io — Cisco Umbrella Rank: 37045	383 KB
9	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 8934	2 KB
8	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 788	342 B
8	adscale.de hb.adscale.de — Cisco Umbrella Rank: 21817 js.adscale.de	2 KB
7	openx.net 2 redirects pa.openx.net — Cisco Umbrella Rank: 3484 rtb.openx.net — Cisco Umbrella Rank: 552 genieeintl-d.openx.net — Cisco Umbrella Rank: 75894 adasia-d.openx.net eu-u.openx.net	1 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 k.clarity.ms — Cisco Umbrella Rank: 8151 c.clarity.ms — Cisco Umbrella Rank: 1269	31 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2478 widget-pixels.outbrain.com — Cisco Umbrella Rank: 5461 mv.outbrain.com — Cisco Umbrella Rank: 3019 mcdp-wndc1.outbrain.com — Cisco Umbrella Rank: 6971	99 KB
7	paddyofegans.com paddyofegans.com	23 KB
6	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	33 KB
5	jixie.io traid.jixie.io Failed	1 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 347 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687 aax.amazon-adsystem.com — Cisco Umbrella Rank: 468 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1199 Failed	90 KB
5	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9340 c.mgid.com — Cisco Umbrella Rank: 7409 cdn.mgid.com — Cisco Umbrella Rank: 11787 servicer.mgid.com — Cisco Umbrella Rank: 9455	161 KB
5	geniee.jp cpt.geniee.jp — Cisco Umbrella Rank: 44059	293 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 14400 ced-ns.sascdn.com — Cisco Umbrella Rank: 3127	26 KB
3	presage.io mweb-hb.presage.io — Cisco Umbrella Rank: 8569 ms-cookie-sync.presage.io	169 B
3	us.org track.us.org — Cisco Umbrella Rank: 37857	2 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 18409	93 KB
2	adsrvr.org match.adsrvr.org	698 B
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 665	2 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 615	1 KB
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 818	694 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 611	1 KB
2	contextads.live cdn.contextads.live — Cisco Umbrella Rank: 63998 cengineapi.contextads.live — Cisco Umbrella Rank: 64581	4 KB
2	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 15075 log.outbrainimg.com — Cisco Umbrella Rank: 4661	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	2 KB
2	authorizedvault.com topics.authorizedvault.com — Cisco Umbrella Rank: 7204
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 2080	97 KB
2	360yield.com hb.360yield.com — Cisco Umbrella Rank: 8081
2	popin.cc api.popin.cc — Cisco Umbrella Rank: 10902
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 934
2	advertnative.com click.advertnative.com — Cisco Umbrella Rank: 33000 advertnative.com — Cisco Umbrella Rank: 32164	6 KB
2	dailymotion.com geo.dailymotion.com — Cisco Umbrella Rank: 8348	13 KB
2	jixie.media scripts.jixie.media — Cisco Umbrella Rank: 26935	14 KB
2	anymind360.com anymind360.com — Cisco Umbrella Rank: 19412	198 KB
1	adotmob.com 1 redirects sync.adotmob.com	712 B
1	admanmedia.com 1 redirects cs.admanmedia.com	629 B
1	tokopedia.com accounts.tokopedia.com	2 KB
1	im-apps.net sync6.im-apps.net — Cisco Umbrella Rank: 42007	341 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	593 B
1	google.com www.google.com — Cisco Umbrella Rank: 3 Failed
1	content-rec.com js.content-rec.com — Cisco Umbrella Rank: 143666	6 KB
1	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 4166 sync.richaudience.com Failed	174 B
1	undertone.com creative-p.undertone.com — Cisco Umbrella Rank: 8209
1	yimg.jp yads.c.yimg.jp — Cisco Umbrella Rank: 35303	55 KB
1	smaato.net prebid.ad.smaato.net — Cisco Umbrella Rank: 7900	397 B
1	viva.id api-rengine-stg.viva.id — Cisco Umbrella Rank: 394077	661 B
1	dm-event.net pebed.dm-event.net — Cisco Umbrella Rank: 10199	363 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220	25 KB
1	thevivanetworks.com sso.thevivanetworks.com — Cisco Umbrella Rank: 362708	851 B
1	tokojelly.xyz tokojelly.xyz	580 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18404	197 KB
1	fzgrpqktmq.com fzgrpqktmq.com — Cisco Umbrella Rank: 376688	36 KB
1	ytimg.com i4.ytimg.com — Cisco Umbrella Rank: 28112	27 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	31 KB
462	66

	Domain	Requested by
61	securepubads.g.doubleclick.net	anymind360.com delivery.r2b2.io rumcdn.geoedge.be securepubads.g.doubleclick.net
42	www.viva.co.id	paddyofegans.com www.viva.co.id
36	bidder.criteo.com	paddyofegans.com
19	r2b2-apac.adnxs.com	delivery.r2b2.io
13	onetag-sys.com	paddyofegans.com delivery.r2b2.io rumcdn.geoedge.be
12	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
11	fastlane.rubiconproject.com	delivery.r2b2.io anymind360.com cpt.geniee.jp
10	prebid-server.rubiconproject.com	delivery.r2b2.io
10	pbjs.e-planning.net	delivery.r2b2.io
10	delivery.r2b2.io	paddyofegans.com delivery.r2b2.io
9	prebid-eu.creativecdn.com	delivery.r2b2.io
9	openbid.pubmatic.com	delivery.r2b2.io
8	rtb-csync.smartadserver.com
8	prebid.a-mo.net	delivery.r2b2.io rumcdn.geoedge.be
7	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google rumcdn.geoedge.be
7	hb.adscale.de	delivery.r2b2.io
7	paddyofegans.com
6	gum.criteo.com	2 redirects rumcdn.geoedge.be anymind360.com
6	static.criteo.net	delivery.r2b2.io paddyofegans.com
5	traid.jixie.io	scripts.jixie.media
5	cpt.geniee.jp	paddyofegans.com rumcdn.geoedge.be
4	mug.criteo.com	paddyofegans.com
4	ads.pubmatic.com	delivery.r2b2.io rumcdn.geoedge.be
4	widgets.outbrain.com	paddyofegans.com rumcdn.geoedge.be
3	x.bidswitch.net	3 redirects
3	eus.rubiconproject.com	cpt.geniee.jp rumcdn.geoedge.be anymind360.com
3	k.clarity.ms	www.clarity.ms
3	prg-apac.smartadserver.com	anymind360.com cpt.geniee.jp
3	track.us.org	delivery.r2b2.io
3	c.amazon-adsystem.com	anymind360.com c.amazon-adsystem.com
3	cdn.izooto.com	paddyofegans.com cdn.izooto.com
2	ssp-sync.criteo.com
2	dis.criteo.com	2 redirects
2	eu-u.openx.net	2 redirects
2	match.adsrvr.org	scripts.jixie.media
2	bh.contextweb.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	sync-tm.everesttech.net	1 redirects
2	c1.adform.net	2 redirects
2	c.clarity.ms	1 redirects
2	cdn.mgid.com	paddyofegans.com
2	www18.smartadserver.com	ced.sascdn.com
2	ced-ns.sascdn.com	rumcdn.geoedge.be
2	rtb.openx.net	anymind360.com cpt.geniee.jp
2	mweb-hb.presage.io	anymind360.com
2	cdn.jsdelivr.net	anymind360.com cpt.geniee.jp
2	topics.authorizedvault.com	delivery.r2b2.io rumcdn.geoedge.be
2	rumcdn.geoedge.be	paddyofegans.com rumcdn.geoedge.be
2	hb.360yield.com	paddyofegans.com
2	api.popin.cc	paddyofegans.com
2	cdn.taboola.com	paddyofegans.com rumcdn.geoedge.be
2	www.clarity.ms	paddyofegans.com www.clarity.ms
2	geo.dailymotion.com	paddyofegans.com
2	scripts.jixie.media	paddyofegans.com
2	anymind360.com	paddyofegans.com anymind360.com
1	secure.adnxs.com	1 redirects
1	sync.adotmob.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	acdn.adnxs.com	anymind360.com
1	ms-cookie-sync.presage.io	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	accounts.tokopedia.com	scripts.jixie.media
1	js.adscale.de	rumcdn.geoedge.be
1	genieeintl-d.openx.net	cpt.geniee.jp
1	sync6.im-apps.net	cpt.geniee.jp
1	c.bing.com	1 redirects
1	022d54c880901c78833bc7e5a486d0b8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.com	ep2.adtrafficquality.google rumcdn.geoedge.be
1	servicer.mgid.com	rumcdn.geoedge.be
1	js.content-rec.com	rumcdn.geoedge.be
1	124e66e75d2bbd3ab7884a0aaef82fd2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	523d35f3b6d84a8f23c17db7b4f92b4b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c.mgid.com	paddyofegans.com
1	488e4f192ad925b4a575ad2fc52cc3d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ced.sascdn.com	paddyofegans.com
1	shb.richaudience.com	cpt.geniee.jp
1	creative-p.undertone.com	rumcdn.geoedge.be
1	yads.c.yimg.jp	rumcdn.geoedge.be
1	79c873eb841a3c001651f4050b696596.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	258900d3f0256004d783bfc403da5710.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	0149f852a20148c48665bbfb5d8cb3f1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a298434c674fa411777e4938d023c5f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c3b1732374ca94e347ee8dc574bf7695.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	log.outbrainimg.com	widgets.outbrain.com
1	8eae539367dce3dd3a72a46447c5a1ba.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	0895f0aa2c467178304330755a52a8b5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	mcdp-wndc1.outbrain.com	widgets.outbrain.com
1	cengineapi.contextads.live	cdn.contextads.live
1	mv.outbrain.com	rumcdn.geoedge.be
1	cdn.contextads.live	www.viva.co.id cdn.contextads.live
1	widget-pixels.outbrain.com	paddyofegans.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	prebid.ad.smaato.net	anymind360.com
1	grid-bidder.criteo.com	anymind360.com
1	ib.adnxs.com	anymind360.com
1	711849abfba5b159000eb2dbe19c976f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	api-rengine-stg.viva.id	ajax.googleapis.com
1	advertnative.com	paddyofegans.com
1	pebed.dm-event.net	geo.dailymotion.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	rumcdn.geoedge.be
1	pa.openx.net	paddyofegans.com
1	td.doubleclick.net	paddyofegans.com
1	data-rengine.viva.co.id	paddyofegans.com
1	cdn.prod.uidapi.com	paddyofegans.com
1	sso.thevivanetworks.com	paddyofegans.com
1	click.advertnative.com	paddyofegans.com
1	tokojelly.xyz	paddyofegans.com
1	i.postimg.cc	paddyofegans.com
1	jsc.mgid.com	paddyofegans.com
1	fzgrpqktmq.com	paddyofegans.com
1	micro.rubiconproject.com	paddyofegans.com
1	i4.ytimg.com	paddyofegans.com
1	ajax.googleapis.com	paddyofegans.com
0	aax-eu.amazon-adsystem.com Failed
0	sync.richaudience.com Failed	cpt.geniee.jp
0	pagead2.googlesyndication.com Failed	securepubads.g.doubleclick.net
462	117

This site contains links to these domains. Also see Links.

Domain
adomselfrecigency.com
adirabet61.com
sso.thevivanetworks.com
www.viva.co.id
halisatinal.com
advertnative.com

Subject Issuer	Validity	Valid
paddyofegans.com ZeroSSL RSA Domain Secure Site CA	`2024-11-22` - `2025-02-20`	3 months	crt.sh
*.viva.co.id Sectigo RSA Domain Validation Secure Server CA	`2024-08-01` - `2025-08-23`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
anymind360.com R10	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
zyjbvnxiig.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.geniee.jp GeoTrust TLS RSA CA G1	`2024-07-30` - `2025-08-30`	a year	crt.sh
izooto.com WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
mgid.com WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
*.jixie.media Sectigo RSA Organization Validation Secure Server CA	`2024-08-15` - `2025-08-15`	a year	crt.sh
geo.dailymotion.com ZeroSSL ECC Domain Secure Site CA	`2024-09-30` - `2024-12-29`	3 months	crt.sh
postimg.cc E5	`2024-10-20` - `2025-01-18`	3 months	crt.sh
tokojelly.xyz WE1	`2024-10-14` - `2025-01-12`	3 months	crt.sh
click.advertnative.com R10	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
delivery.r2b2.io R10	`2024-10-07` - `2025-01-05`	3 months	crt.sh
thevivanetworks.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
cdn.prod.uidapi.com Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.popin.cc Secure Site Pro CA G2	`2024-09-23` - `2025-10-24`	a year	crt.sh
improvedigital.com Amazon RSA 2048 M02	`2024-02-04` - `2025-03-04`	a year	crt.sh
pa.openx.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
gw.geoedge.be Amazon RSA 2048 M03	`2024-07-12` - `2025-08-09`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
1657490710.rsc.cdn77.org E6	`2024-10-29` - `2025-01-27`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
track.us.org E5	`2024-10-13` - `2025-01-11`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.e-planning.net R10	`2024-11-20` - `2025-02-18`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M03	`2024-06-17` - `2025-07-17`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.a-mo.net R11	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.dm-event.net ZeroSSL RSA Domain Secure Site CA	`2024-10-18` - `2025-01-16`	3 months	crt.sh
advertnative.com R11	`2024-10-27` - `2025-01-25`	3 months	crt.sh
viva.id WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.prod.cloud.ogury.io E6	`2024-10-03` - `2025-01-01`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
smaato.net Sectigo ECC Domain Validation Secure Server CA	`2024-08-13` - `2025-09-11`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-11-14` - `2025-11-14`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
delivery.contextads.live Amazon RSA 2048 M03	`2024-03-13` - `2025-04-10`	a year	crt.sh
contextads.live Amazon RSA 2048 M02	`2023-12-27` - `2025-01-25`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2024-09-20` - `2025-10-19`	a year	crt.sh
*.undertone.com Amazon RSA 2048 M02	`2024-07-02` - `2025-07-29`	a year	crt.sh
*.richaudience.com RapidSSL TLS RSA CA G1	`2024-02-14` - `2025-02-25`	a year	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-16` - `2025-07-16`	a year	crt.sh
content-rec.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2024-03-11` - `2025-03-11`	a year	crt.sh
*.jixie.io Sectigo RSA Organization Validation Secure Server CA	`2024-05-25` - `2025-04-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.tokopedia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2025-07-20`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh

This page contains 78 frames:

Primary Page: https://paddyofegans.com/
Frame ID: C2384791F4B17495FD698E3AD340F9ED
Requests: 316 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-YFFX5TN9EH&gacid=765266272.1730230449&gtm=45je4bk0v883879034za200zb72652391&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2014715549
Frame ID: 3454090B84F347675FF714D6EFAEB7EE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Frame ID: C9E4CE923110EA30CC94F5DBEE6F739A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Frame ID: F441A402D936EDDA05E7C9020AB67A7F
Requests: 1 HTTP requests in this frame

Frame: https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery
Frame ID: BA46E154959FCBE376AA933512BFF6E3
Requests: 1 HTTP requests in this frame

Frame: https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Frame ID: 0C8CE29E200F5BAA31D62434CD734D1D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Frame ID: A229AA714CB0CCD52C773D01D23C19F7
Requests: 1 HTTP requests in this frame

Frame: https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Frame ID: A8BF5EA699808E91C28426558F74D6FD
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: A271C21584021B23220E56E1E3BB7B76
Requests: 1 HTTP requests in this frame

Frame: https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery
Frame ID: DBEF9AA4E57D6A1A35F25EB47629A034
Requests: 1 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 4871E2E7698940A84D22BB80AD8080A6
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: B8F64B2CE7CF449733C61458473DE30E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 303D39EBFCF9A48A7A9E8A9AA2FFE85E
Requests: 1 HTTP requests in this frame

Frame: https://delivery.r2b2.io/static/topics/topics_frame.html?bidder=r2b2
Frame ID: 637B92CD02B73979FA07B6907631BBC7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 44480105E1E372923A58B7BDB29F7292
Requests: 6 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi.js
Frame ID: B457155D017388B841AF9311C619F3C5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 704174930B6B9274F85EE9FA635CFAAB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 37A1035550FF19A3ECB860DB29415A2C
Requests: 1 HTTP requests in this frame

Frame: https://711849abfba5b159000eb2dbe19c976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 604B01412684088B96F5ED596AFB9527
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fpaddyofegans.com
Frame ID: 98687BDC9D949002D3810A02004CB9D1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5378A6FD64A694FAD0713F4CAB7A7C97
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4AD5B82EA29D53B79855F4AEC4C3BDC7
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4846962E3D8ABB02F7DE798B71D3C4E3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: CED92A6D57DF39A9ED8FA0446FF233DD
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C82B2678151AC9B70E85865FF8CF79F7
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 36355AC69B6210C956C6FE32C3B0D418
Requests: 6 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: 45E15164227F700A05505B280C7BECBC
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: E922B82DC9143C8C8B5B9CF3149EDAB3
Requests: 1 HTTP requests in this frame

Frame: https://0895f0aa2c467178304330755a52a8b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F63009A564FEF5CC94635E488EE0ADD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: DA9C5F6184221274FDB44464ADEE80E8
Requests: 1 HTTP requests in this frame

Frame: https://8eae539367dce3dd3a72a46447c5a1ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 47E45AB25D3B78C81A3A9BFFF8D05B21
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0195D9D9962512BDE44236F102074682
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: AF9F32FC525F61207451FD1E0CAA8BC2
Requests: 1 HTTP requests in this frame

Frame: https://c3b1732374ca94e347ee8dc574bf7695.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B0D689FAA84B43DEDE38F60D7E375F2A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 64D16AF9CFCE515A195D111623F46906
Requests: 1 HTTP requests in this frame

Frame: https://a298434c674fa411777e4938d023c5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 20EEAA073C180DCBBE7A6A1CEF5239D3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 4CA98260D768AE9CF70B2FC18F6FF76A
Requests: 1 HTTP requests in this frame

Frame: https://0149f852a20148c48665bbfb5d8cb3f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4F0AE711815E81B748F4B9C436049369
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: D3EF5BDDFA076B053E71095622908EC8
Requests: 1 HTTP requests in this frame

Frame: https://258900d3f0256004d783bfc403da5710.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5CE64EADC3092DD232BF250929CA908F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 3070512DB26A1E3A943A76FD21671938
Requests: 1 HTTP requests in this frame

Frame: https://79c873eb841a3c001651f4050b696596.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 47BC4F27DC216B4D64D8D2A3E5D9E21D
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: 65D426209D9472F3C7BBF9067FEEE2F8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 7FE6A91B6C5F8A2C747AD30C0E89ADD1
Requests: 1 HTTP requests in this frame

Frame: https://creative-p.undertone.com/spk-public/topics_frame.html?bidder=undertone
Frame ID: F0816885160A8A6413E4EDA074755CBF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Frame ID: 4638684D0CEBE3ADB87083FC385A6888
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=paddyofegans.com
Frame ID: 645A5FFBFF413402279C1D2C2FA8D97F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: C2099A033E1BB241339CDFC4EA6B9B61
Requests: 1 HTTP requests in this frame

Frame: https://488e4f192ad925b4a575ad2fc52cc3d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B8A7F9938640F11FDBD9A084750A2578
Requests: 1 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/js/assets/topics_frame.html
Frame ID: 1537B3066CBE7DA8AEC155C78CFBFABD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 50BE3B717C319EC087464C1D36EF692F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A8F48C17071610BC9CA1F42586AD0B30
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 6AD7DCB80F6826E956B2A7B6D719858E
Requests: 1 HTTP requests in this frame

Frame: https://523d35f3b6d84a8f23c17db7b4f92b4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 088D701AEBF93E60D250D81E3ABD1A33
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: A942C3C211D617E688DAF0CDD7CFFAFA
Requests: 1 HTTP requests in this frame

Frame: https://124e66e75d2bbd3ab7884a0aaef82fd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CF496A98D348D1EFAEC8F6B8C4F52C6E
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 4BF41A758FA5926BFAC184A357BC1634
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E363FF51DF59C41B821BF35CB36D9DBB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7FDD6476992D2E5861C4749A142CAE34
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 7B8E217FA37B502D39507A85B4477DC7
Requests: 1 HTTP requests in this frame

Frame: https://022d54c880901c78833bc7e5a486d0b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 22F3B680EEEE25ED8D8F2D450698DD5F
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 48C1086E71C452441347D18941428BD5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7541F370C98BADBE9C8CAA3AA576BEC4
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 654825DFCB9AA694E401DD74D9F8E49E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BEFF40EE3E41DB858186D0E956A1398C
Requests: 1 HTTP requests in this frame

Frame: https://genieeintl-d.openx.net/w/1.0/pd
Frame ID: 9887DF002BFFA87E0043D6568CB9A3BA
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5475310752
Frame ID: F6D803BCBC7D9CA2E2DB10F8CE3898A3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C2B0BDA018AAB845B68EE8C19DCA7C49
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 761F244FFA7213E89F81816810B2FDEC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158361
Frame ID: AF5708DAB03EEF754FDB6BCA2E68EDE7
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html
Frame ID: 0B8583C44BBD05422DA13940DB89D129
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1732655648336
Frame ID: A6D65E321D320EDCC1B7550EE584589B
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?&gpp=&gpp_sid=
Frame ID: 22E5B21BCF0936E5FD515F2480136D03
Requests: 1 HTTP requests in this frame

Frame: https://adasia-d.openx.net/w/1.0/pd
Frame ID: 8B4866D08796735292DCF2D1E6BB9C86
Requests: 1 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/user-sync.html?gdpr_consent=&source=prebid&gpp=&gpp_sid=
Frame ID: E86E77B30F25D238C82C0B4EAFB42E80
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4EA7F633040609F80999F75AC8019CE6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BA594F44AADEE84DBFC7465010E8C82D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=paddyofegans.com&gpp=
Frame ID: 306EA688C1677726E13E94DE20E27CCE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADIRABET Login Pusat Raja Slot Gampang Maxwin Pragmatic Play

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

462
Requests

88 %
HTTPS

23 %
IPv6

66
Domains

117
Subdomains

89
IPs

13
Countries

3431 kB
Transfer

15933 kB
Size

121
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://adomselfrecigency.com/7ac79d79-c33e-488f-a13b-7eb94bd6fe9a
Title:  Halaman Utama

Search URL Search Domain Scan URL

URL: https://adirabet61.com/
Title: trend

Search URL Search Domain Scan URL

URL: https://sso.thevivanetworks.com/
Title: Profil

Search URL Search Domain Scan URL

URL: https://sso.thevivanetworks.com/edit/profile
Title: Edit Profil

Search URL Search Domain Scan URL

URL: https://sso.thevivanetworks.com/logout?ref=https%3A%2F%2Fwww.viva.co.id%2Fvideo%2F1774001-sah-komisi-iii-dpr-pilih-setyo-budiyanto-jadi-ketua-kpk
Title: Logout

Search URL Search Domain Scan URL

URL: https://www.viva.co.id/

Search URL Search Domain Scan URL

URL: https://www.viva.co.id/portal-pilkada

Search URL Search Domain Scan URL

URL: https://www.viva.co.id/indonesia-maju-berkelanjutan

Search URL Search Domain Scan URL

URL: https://www.viva.co.id/kemnaker

Search URL Search Domain Scan URL

URL: https://www.viva.co.id/pupr

Search URL Search Domain Scan URL

URL: https://www.viva.co.id/viu

Search URL Search Domain Scan URL

URL: https://www.viva.co.id/siapa

Search URL Search Domain Scan URL

URL: https://www.viva.co.id/video
Title: ADIRABET

Search URL Search Domain Scan URL

URL: https://halisatinal.com/ampadirabet69/
Title: ADIRABET SLOT

Search URL Search Domain Scan URL

URL: https://advertnative.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaddyofegans.com%2F&domain=paddyofegans.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=wRZIzHxqTGltL2ZGUXMxR0R0aGhGZE1VZFRteWhmZit1enVRQ2RXWG4yWFdyekFGN2JoZnRWUWdOVGQyUENDVXR2T3hKdGNhamlpdEo0UVlsSnNwNkk1VHBDTkFFWjROdEIzU0hZMlhkL1hGdXovS2tnMkZJdDJtRXd5VDNQMkplL1BDb2R0UHVJc1VBbUxQcXU5N3hnM2lSZHRORCtLQ2oxZUpRWlNFSG1YbGlhQWtYdmJBYWZSVThMUzdMSElucUJocWRESXI0UHdJY09YNGFmOHBGUUtSam1qK0JGdzE5cWZUOVh3TUYwdk9pUDQrNjNIbVFFY08vazZRb0ZGbjFkbGpRfA&cppv=2

Request Chain 407

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B18EE06566924C3CB13E6AB8E81F2917&RedC=c.clarity.ms&MXFR=3E01E4087F426ABA19D4F14B7B4264CC HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18EE06566924C3CB13E6AB8E81F2917&MUID=24B3639FCC3A6B7722A776DCCD406AD8

Request Chain 422

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaddyofegans.com%2F&domain=paddyofegans.com&bundle=rpwXo19SdlVVTTIxQ3E2RDdZNUVYMVU1UTdGZGZFVThmTjNUZHFZczd6clpyYmlXN0U5TE5DbXhmcHdIZSUyRjBWRkhrJTJCbnZFOFdaJTJCakNraWRrMWZnbUpwRko2dGp3QzJoQmZkVnpMMk9HSFlKRHFVeXFyVFRRRVlzT2JIY01qYlc2U20yNw&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=asHnD3xCQXRzeDgyZXhXaFVIOTdtQjI0L3R2NHZQak9DK0hFTTJEMU1DVG5qMnlXZVpGNk5SaE8xMkN3NHdBS2hPV3dzNXhKRWVGZ1QxSVYyWW9Ia051WXVPRE1TRHVwOEQ3akg3djlJSnpCTGVUd0hSNXZ2TzduVXVHZFJJTE41dEdGbnhZNGZvNE1XT0YwaFBtY0VVTmphVTlvamsrS1NEeFp3Y1UrYzFNNzFxOFhqb1FXU0hBZVRCQUwrS012cFp3ZDJ4VFFVc0xVSk9acXJSd1crRzFCeE5GZnpFZFZHeW50cXJ2Qi9iSzFNM3VZV2QzMHowRzY5RWI2L2Fza2s4Q2swOWVBSVNUTzE1NHROWExyRUV5dFZEVERPWFl4RVN2M2w0U0Z2RlJiMFltb01JZkx3a2JCc21JWXJkTGZGbUhiYXViWisvN0NYR1E4R216SHduejRaZXc9PXw&cppv=2

Request Chain 427

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1272385036004987266&gdpr=0&gdpr_consent=

Request Chain 428

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=4594752745451248294&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=4594752745451248294&gdpr=0&gdpr_consent=&dcc=t

Request Chain 429

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Z0Y6HwAHseRzEAAX

Request Chain 430

https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAJaFE7OjHQAABYCouWpiA&partnerid=127&gdpr=0

Request Chain 431

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=jk93B9FwyALU&ev=1&pid=560288&gdpr_consent=&gdpr=0

Request Chain 452

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=jk93B9FwyALU&ev=1&pid=560288&gdpr_consent=&gdpr=0

Request Chain 453

https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=97be54d9-0d8c-0447-399e-97cb727bd704&gdpr=0&gdpr_consent=

Request Chain 454

https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=81039b2f-f3a5-4084-b5da-baf089a56c6f&gdpr=0&gdpr_consent=[GDPR_CONSENT]

Request Chain 455

https://s.ad.smaato.net/c/?adExInit=p HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156177&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001750%26dspCookie%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D

Request Chain 456

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=8d80cec9-4bea-4703-af87-5385ec5d496e&gdpr=0&gdpr_consent=

Request Chain 457

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0b462005004f9ea021cb5cfb&gdpr=0&gdpr_consent=

Request Chain 458

https://x.bidswitch.net/sync?ssp=criteo&custom_data=6zAl-F9QdDVRWEp5eTVqNllNWkFGRUlxUFpKMkdVQ09SNUdMTDlWOHM0akVWbzM0JTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-vpfdiYOja_z7CT1pgUmlhEG6eBDSAn7oJjDngA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=6zAl-F9QdDVRWEp5eTVqNllNWkFGRUlxUFpKMkdVQ09SNUdMTDlWOHM0akVWbzM0JTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-vpfdiYOja_z7CT1pgUmlhEG6eBDSAn7oJjDngA HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-vpfdiYOja_z7CT1pgUmlhEG6eBDSAn7oJjDngA&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=6zAl-F9QdDVRWEp5eTVqNllNWkFGRUlxUFpKMkdVQ09SNUdMTDlWOHM0akVWbzM0JTNE&u=a791fe51-a8fb-4aaf-9d63-d64f446f2c91

Request Chain 459

https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dEB-L-F84Z1NCSkpaTGpENk5kQVJUZnNtYlljWW1LbTFyT0xmczdkTDZUVGhlS0NzJTNE%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=EB-L-F84Z1NCSkpaTGpENk5kQVJUZnNtYlljWW1LbTFyT0xmczdkTDZUVGhlS0NzJTNE&u=2885398955105823811&gdpr=0&gdpr_consent=

462 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
paddyofegans.com/ 95 KB
21 KB 65ms
19ms Document
text/html 15.168.174.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.168.174.130 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-168-174-130.ap-northeast-3.compute.amazonaws.com
Software: Apache /
Resource Hash: 8f8c21b41a2752e07384e694c93706a81775d53ba0033fcb35545f396cc37add

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 21340
content-type: text/html
date: Tue, 26 Nov 2024 21:14:01 GMT
etag: "17d7d-6279094e67583-gzip"
last-modified: Sat, 23 Nov 2024 08:49:47 GMT
server: Apache
vary: Accept-Encoding

GET 7cHqv4kjgoGqM7E3_-gs51os.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 0
0

GET 7cHqv4kjgoGqM7E3t-4s51os.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 0
0

GET 7cHqv4kjgoGqM7E3j-ws51os.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 0
0

GET
H3 200 logo.webp
www.viva.co.id/asset-viva/responsive-web/img/ 5 KB
5 KB 31ms
31ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo.webp?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-cache-status: HIT
etag: "670ca722-12c4"
age: 1524048
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: image/webp
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c25df4afd5-NRT
accept-ranges: bytes
content-length: 4804
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 rancak.css
www.viva.co.id/asset-viva/responsive-web/css/ 12 KB
4 KB 88ms
18ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/rancak.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd7e38fa131eefd39c6cde5d57033885ea634641cac32ee964fb56eeb3fc636

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-30cb"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c04c5fafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 42ms
2ms Script
text/javascript 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
age: 60199
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 04:30:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 04:30:42 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H3 200 detail.css
www.viva.co.id/asset-viva/responsive-web/css/ 9 KB
2 KB 91ms
22ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/detail.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8600f274e0ea725ea9cd1b51edc978fff752395a800a00138cc4eb1eed295164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-2214"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c04c61afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 hqdefault.jpg
i4.ytimg.com/vi/3DOGTFjTGFg/ 27 KB
27 KB 139ms
50ms Image
image/jpeg 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i4.ytimg.com/vi/3DOGTFjTGFg/hqdefault.jpg

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62991453b120bf813af5fb5480859bd77cf3c8b5a3aa1b69b94c45bf418954b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

etag: "1732175525"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 23:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 27523
x-xss-protection: 0
server: sffe

GET
H2 200 ats.js Show response
anymind360.com/js/1326/ 270 KB
69 KB 27ms
2ms Script
application/javascript 151.101.1.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/1326/ats.js

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.55 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ed30a08f678fc876f1768744378a70ffa5d63100a3177428a1c6d5c9ef172f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=g5x5wA==, md5=GhvJyi5p7y/0zeysSuKVeA==
etag: "1a1bc9ca2e69ef2ff4cdecac4ae29578"
age: 95477
x-goog-stored-content-encoding: gzip
expires: Mon, 25 Nov 2024 18:42:44 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-goog-stored-content-length: 69423
x-cache: HIT, HIT
date: Tue, 26 Nov 2024 21:14:02 GMT
last-modified: Mon, 25 Nov 2024 07:25:35 GMT
content-type: application/javascript; charset=UTF-8
x-served-by: cache-tyo11953-TYO, cache-nrt-rjtf7700049-NRT
x-cache-hits: 201, 18
x-guploader-uploadid: AFiumC4YyVq4RsuDa_K1_hqDvsToL97C3OXlyAk3duQXl9BI1lECbcKX1bBuRQWT0UhTeC5YQ7oP8kXhlQ
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=1200
x-goog-storage-class: STANDARD
x-timer: S1732655642.016930,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732519535067541
content-length: 69423
server: UploadServer

GET
H2 200 25756.js Show response
micro.rubiconproject.com/prebid/dynamic/ 375 KB
120 KB 740ms
713ms Script
text/javascript 23.51.131.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/25756.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.131.10 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-131-10.deploy.static.akamaitechnologies.com
Software: Apache/2.4.59 (Debian) PHP/8.3.8 OpenSSL/3.0.11 /
Resource Hash: 36fbee1e12169a5af2b7d16da2cd8af67339ba34f7e6db358e2328b13e2ce102

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

edge-cache-tag: prod-prebid-25756_catch_all.js
cache-control: public, must-revalidate, max-age=14400
content-encoding: gzip
expires: Wed, 27 Nov 2024 21:14:02 GMT
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript;charset=UTF-8
vary: accept-encoding, referer
server: Apache/2.4.59 (Debian) PHP/8.3.8 OpenSSL/3.0.11

GET
H3 200 forkmedia.js Show response
www.viva.co.id/asset-viva/responsive-web/ads/ 470 B
488 B 21ms
15ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/ads/forkmedia.js?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e6f61b601048c47236663abddd0117acc51b91b7796e8de4dc0e6cc423418bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-1d6"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c27e0dafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 script.js Show response
fzgrpqktmq.com/ 103 KB
36 KB 1399ms
509ms Script
application/javascript 46.4.218.122
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fzgrpqktmq.com/script.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.218.122 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.122.218.4.46.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 52f5eba066acb06ee1fcc174c92f6b0e0e2fbf04fcfc6272c8d50ade7e92e8ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: public, max-age=1800
content-encoding: gzip
x-adsbid-request: daw4fkjqzlut
access-control-allow-origin: *
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx/1.18.0

GET
H2 200 wrapper.min.js Show response
cpt.geniee.jp/hb/v1/220835/2064/ 14 KB
5 KB 61ms
35ms Script
application/javascript 133.186.12.49
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/220835/2064/wrapper.min.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.49 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p049.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: bed8d5f6ff0c7dd595b50e0d158e24b9920ca10b1744d15bdcf28688a8b00646

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=3600, private
content-encoding: gzip
etag: W/"6745b963-3810"
cross-origin-resource-policy: cross-origin
expires: Tue, 26 Nov 2024 22:14:02 GMT
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 12:04:51 GMT
server: nginx

GET
H2 200 8c8e12aa600a1d6a06ebd1d766597fa36eb01526.js Show response
cdn.izooto.com/scripts/ 2 KB
1 KB 34ms
17ms Script
application/javascript 2606:4700::6810:8041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/8c8e12aa600a1d6a06ebd1d766597fa36eb01526.js

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af13d01e84f02dbf639ade1e6fe16464763b30660aadb5d89525cd3066c8546

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: public, max-age=86400
content-encoding: br
cf-bgj: minify
etag: W/"66436e56-775"
age: 1106494
cf-cache-status: HIT
cf-ray: 8e8ce2c28e3a3c15-NRT
expires: Wed, 27 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Tue, 14 May 2024 13:59:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 524861.js Show response
jsc.mgid.com/site/ 1 MB
158 KB 39ms
22ms Script
text/javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/site/524861.js

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3635f7f326b9ba59aa28a435a0845e6e2a2e93578aae6c2abf454e0096004b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: noindex
access-control-expose-headers: X-cntry
content-encoding: gzip
cf-cache-status: HIT
etag: "53745afeeb34ae99b0de78ef22bb0df9"
x-amz-version-id: P.QQMDRmSRj25xNJ_skU1sZLkBNkVHLj
age: 1326
expires: Wed, 27 Nov 2024 00:14:02 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 03:30:29 GMT
vary: Accept-Encoding
x-amz-id-2: vYqnKtRimis/o5OMOTjngLpNO6L/YvrsbrrxpbuuzTjj1hYYn2AQ5yS6GYDTISDlG5xKmxy9AKG5583CH4T/iQ==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=10800
x-cntry: JP
x-amz-request-id: PNJP3NZM70A44K40
cf-ray: 8e8ce2c29c54d78b-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160829
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 jx-Vi266245UOhdV.min.js Show response
scripts.jixie.media/onescript/Vi245MSErQ/ 1 KB
1 KB 33ms
6ms Script
application/javascript 163.181.129.201
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.media/onescript/Vi245MSErQ/jx-Vi266245UOhdV.min.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.129.201 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: cc572e35bf38de1f32a49b3c7037db837c19a9f8649fb9de3fe9c96a5a76009e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
x-amz-version-id: u4g19cPKTAOv2abGDRkuomx8hJT_7hTC
etag: W/"aff8e35d39c07b030ed203ecc466bc53"
age: 2444648
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Tue, 29 Oct 2024 14:09:53 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 02:58:39 GMT
x-amz-id-2: 53hoCMvZkX8sq+ZHuogJOUE93yosynsHEHbGniHC072CXDg2GgUtV9/rCO7LZ4FW8ocxslhnVSuhbqp7KtAPoCc0JivWIbsU0nOhMWVyvaU=
x-swift-cachetime: 1505594
timing-allow-origin: *
x-amz-meta-x-amz-meta-createdat: 2024-07-12T05:03:10Z
via: cache27.l2sg5[0,0,304-0,H], cache33.l2sg5[0,0], cache33.l2sg5[1,0], ens-cache8.jp8[0,0,200-0,H], ens-cache11.jp8[1,0]
x-amz-request-id: Z4T22SW0Y2ZZGB97
x-amz-meta-x-amz-meta-updatedat: 2024-10-12T02:58:37Z
x-swift-savetime: Mon, 11 Nov 2024 03:56:39 GMT
ali-swift-global-savetime: 1730210993
eagleid: a3b5819f17326556419993828e
server: Tengine
x-amz-server-side-encryption: AES256

GET
H2 200 prebid-v8.52.1.js Show response
cpt.geniee.jp/hb/v1/lib/ 447 KB
177 KB 30ms
7ms Script
application/javascript 133.186.12.49
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.49 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p049.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 197e9bb0f9f3a4ffd839cd317a7069237f2063571dc5555a169683422b04f25d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=86400, private
content-encoding: gzip
etag: W/"66fb92f7-6fc46"
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Nov 2024 21:14:02 GMT
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 06:13:11 GMT
server: nginx

GET
H2 200 gnshbrequest-v4.6.10.js Show response
cpt.geniee.jp/hb/v1/lib/ 153 KB
56 KB 48ms
24ms Script
application/javascript 133.186.12.49
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v4.6.10.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.49 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p049.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: d489b05b1b921c5843ee5c59ca5e49cf9e9a4a551f3b89db68e5c3e80437b878

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=86400, private
content-encoding: gzip
etag: W/"67248d07-264ae"
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Nov 2024 21:14:02 GMT
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 08:10:47 GMT
server: nginx

GET
H2 200 jxpublisher_3_1.nb.min.js Show response
scripts.jixie.media/ 35 KB
13 KB 39ms
13ms Script
application/javascript 163.181.129.201
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.129.201 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 30116cde2669653a67274caf3afa4717fa7074aa6c8b9db7f4048723f98f2b38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
etag: W/"208c0ac544a4016f812d8e59885335c1"
x-amz-version-id: XkLoLRVZuw94llsLDRBcL0dh9FTp86P6
age: 770231
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Sun, 17 Nov 2024 23:16:49 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 23:14:50 GMT
x-amz-id-2: RwnRBVEyviO6l5bNeE12M6SqzXy0R58pYrLxfxrKfDmAJ2RjQcE2Lc0wk2g+9PU3f4nGleL12sxAqNKaRS2nIPsMwCIkwJyyafm1p/x9EOw=
x-swift-cachetime: 2591992
timing-allow-origin: *
via: cache3.l2sg5[0,0,200-0,H], cache15.l2sg5[0,0], cache15.l2sg5[0,0], ens-cache2.jp8[0,0,200-0,H], ens-cache11.jp8[2,0]
x-amz-request-id: 43MPPNKF41ZG37KB
ali-swift-global-savetime: 1731885410
x-swift-savetime: Sun, 17 Nov 2024 23:16:58 GMT
eagleid: a3b5819f17326556419993829e
server: Tengine
x-amz-server-side-encryption: AES256

GET
H2 200 cookie.js Show response
geo.dailymotion.com/ 39 B
306 B 400ms
130ms Script
application/javascript 13.200.1.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/cookie.js

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.200.1.252 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-200-1-252.ap-south-1.compute.amazonaws.com

Software

Resource Hash

1cd9396d5168a107731760e10db796f6a7aa3d24ca386e6895cbdac7abf052cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
link: <https://static-origin.dmcdn.net>; rel="preconnect"; crossorigin, <https://www.dailymotion.com>; rel="preconnect"; crossorigin
cache-control: no-cache, no-store
content-encoding: br
content-length: 28
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: application/javascript; charset=utf-8

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 367 KB
91 KB 46ms
29ms Script
application/javascript 2606:4700::6810:8041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b51348dd72cd443ce9226af2878a89ded9ccef65b28e0221a8e26af937ef2724

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: public, max-age=1382400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6736f3cb-5bb34"
age: 1001018
cf-ray: 8e8ce2bffca63c15-NRT
expires: Thu, 12 Dec 2024 21:14:01 GMT
access-control-allow-origin: *
date: Tue, 26 Nov 2024 21:14:01 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 07:10:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 rancak-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 4 KB
2 KB 85ms
17ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/rancak-desktop.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

579d84eefe1448dd6eb43d22fd3a8ee54aa21867c1f7604d08bef1251e4a568f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-1184"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c04c5cafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 icon-profile-small.jpg
www.viva.co.id/asset-viva/responsive-web/img/ 558 B
844 B 15ms
15ms Image
image/jpeg 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/icon-profile-small.jpg?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

679200d4f85b43c2bb416009d7af328f911bf6f55ec077baea8c2a5e7fb166bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-254"
age: 1523853
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origSize=596
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: image/jpeg
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c06c7dafd5-NRT
accept-ranges: bytes
content-length: 558
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 giantbanner.css
www.viva.co.id/asset-viva/responsive-web/iklan/css/ 2 KB
905 B 15ms
15ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/css/giantbanner.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997b4c667a087650b5d478cced3909e5ff2447d46e8a1c44cb41d6cb95c7502e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6736f8ef-7ab"
age: 488049
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 07:31:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c06c7eafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 giantbanner.js Show response
www.viva.co.id/asset-viva/responsive-web/iklan/js/ 718 B
549 B 23ms
14ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/js/giantbanner.js?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3899e9e56c442324cd90be0bb8db62ec0ef2e8e853de8518e63186a3822ff28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6736f8ef-2ce"
age: 673060
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 07:31:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e16afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 portalpilkada-logo.png
www.viva.co.id/asset-viva/responsive-web/img/ 14 KB
15 KB 29ms
20ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/portalpilkada-logo.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57791b16a202f661684de6f2653dcdbc564caa178d9bfcc3d8555118b6269760

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-9755"
age: 1524049
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=38741
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="portalpilkada-logo.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e18afd5-NRT
accept-ranges: bytes
content-length: 14552
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 indonesia-maju.svg
www.viva.co.id/asset-viva/responsive-web/img/ 158 KB
119 KB 26ms
18ms Image
image/svg+xml 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/indonesia-maju.svg?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3242e4d38c7e2679cb0b2c107a03be5bcaefbc6a12df662d9cda1e182600dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67249db5-277e3"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/svg+xml
last-modified: Fri, 01 Nov 2024 09:21:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e19afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-kemnaker.png
www.viva.co.id/asset-viva/responsive-web/img/ 9 KB
9 KB 24ms
16ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-kemnaker.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d50241eb01f1a558d4291b0a3b576a2904fe8f6add1599a4c9172ab8897c1033

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-440b"
age: 1524049
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=17419
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="logo-kemnaker.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e1aafd5-NRT
accept-ranges: bytes
content-length: 9138
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-pupr.png
www.viva.co.id/asset-viva/responsive-web/img/ 5 KB
5 KB 35ms
27ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-pupr.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c42526f8a9ad1fd7555b693e73b0e257d10244f41fa34303b47db3c5d8ef8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-1d76"
age: 1524049
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=7542
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="logo-pupr.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e1dafd5-NRT
accept-ranges: bytes
content-length: 5254
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-viu.png
www.viva.co.id/asset-viva/responsive-web/img/ 2 KB
2 KB 24ms
16ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-viu.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fdf55811d35f693f9b36cb154943ebed52a607dba3e47b7841092d3c2ac92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-af0"
age: 1523854
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=2800
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="logo-viu.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e1fafd5-NRT
accept-ranges: bytes
content-length: 1634
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-siapa.svg
www.viva.co.id/asset-viva/responsive-web/img/ 5 KB
2 KB 35ms
27ms Image
image/svg+xml 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-siapa.svg?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dd9a4397ee301f4bf6edf04482a581c583536b2d1fa82dc70600598b4755f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-1220"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e20afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 adirabetj.jpg
i.postimg.cc/85tP8Lr9/ 197 KB
197 KB 638ms
104ms Image
image/jpeg 104.238.220.6
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/85tP8Lr9/adirabetj.jpg
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.220.6 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: b5243d74b256db276e67b1c4b152af430f1f235c248c71a9c781858676174712

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 201220
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 08:33:23 GMT
server: nginx

GET
H3 200 klik.gif
tokojelly.xyz/ 579 KB
580 KB 42ms
16ms Image
image/gif 172.67.189.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tokojelly.xyz/klik.gif
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a05260a66955e8bf718069b2618e4c533932f99f42360140bb785d1c8dfaa2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-cache-status: HIT
age: 491930
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10zTVF9MieDCV0MRHRxfR7Ju0q4udXJYmCWMSU4GB0IKjQZRXbHrmq6GX0Kh68Hnp7LE6QU7%2Fwh7a5kcXq5a2KyY%2B3TghBbXlM1hihGRr8zo%2FquSLZARFL0ncMBNbfzv"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:35:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1613&min_rtt=1302&rtt_var=535&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4251&recv_bytes=5700&delivery_rate=446769&cwnd=12000&unsent_bytes=0&cid=39d53252e9c95d4f&ts=22&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/gif
last-modified: Thu, 22 Aug 2024 08:06:35 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8ce2c2eecfb005-NRT
accept-ranges: bytes
content-length: 592780
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 / Show response
click.advertnative.com/loading/ 3 KB
3 KB 264ms
116ms Script
application/javascript 139.99.126.163
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://click.advertnative.com/loading/?handle=15767

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.99.126.163 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

tinong247.vn

Software

nginx/1.18.0 / PHP/7.2.24

Resource Hash

89b4a8e04bfd713dbc1390064d3c144b049aa454d8263481d05651e4951ca25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15768000, max-age=15768000
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript; charset=utf-8
x-powered-by: PHP/7.2.24
server: nginx/1.18.0

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 263 KB
96 KB 356ms
345ms Script
application/x-javascript 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.outbrain.com/outbrain.js

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-225-140.deploy.static.akamaitechnologies.com

Software

Resource Hash

579735b18b6f2fb2876b8504462522781b75dc81473c46dc58a6d469efbaca0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
etag: "17-aEhcujQjQ22EitcpZPAPSAq5MS4"
access-control-allow-methods: GET,POST
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/x-javascript
last-modified: Tue, 26 Nov 2024 12:37:43 GMT
vary: Accept-Encoding
x-traceid: ceed42e4a77ba17a3cfb1d8d50a1ba17
strict-transport-security: max-age=31536000; includeSubDomains; preload
edge-cache-tag: widget-cheetah
cache-control: max-age=14500
timing-allow-origin: *, *
access-control-request-headers: X-OB-STG,X-OB-PRD
access-control-allow-credentials: false
access-control-allow-origin: *
content-length: 97969

GET
H3 200 portalpilkada-widget-left.svg
www.viva.co.id/asset-viva/responsive-web/img/ 3 KB
2 KB 34ms
27ms Image
image/svg+xml 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/portalpilkada-widget-left.svg?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd0c6bfc24e3ae1b4757c1d7b1cdaaef4e185f771279983524fa5d5a65579cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-ce3"
age: 1524049
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e21afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 mobile Show response
delivery.r2b2.io/get/viva.co.id/generic/sticky/ 164 KB
46 KB 69ms
50ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/viva.co.id/generic/sticky/mobile
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 26ba9e82aa0e5f921153ece4fdb4ac3dda4d14e5583af7d694b35c7fef5d5c9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-execution-time: 4
content-encoding: br
accept-ranges: none
x-cache: HIT
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/javascript
x-served-by: cache-nrt-rjtf7700057-NRT
vary: accept-encoding

GET
H2 200 mobile Show response
delivery.r2b2.io/get/viva.co.id/generic/300x250/ 24 KB
8 KB 28ms
10ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/viva.co.id/generic/300x250/mobile
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6a055f0efa5fff6c762484d52fe1774db8b5a963c750220a233d3a6c75f84224

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-execution-time: 4
content-encoding: br
accept-ranges: none
x-cache: HIT
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/javascript
x-served-by: cache-nrt-rjtf7700067-NRT
vary: accept-encoding

GET
H2 200 mobile Show response
delivery.r2b2.io/get/viva.co.id/generic/320x50/ 25 KB
7 KB 15ms
15ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/viva.co.id/generic/320x50/mobile
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c2cc8efbcd5a3597dde376a162b5cfed0d3fe5b35d36c0b004289245872bdf61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-execution-time: 3
content-encoding: br
accept-ranges: none
x-cache: HIT
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/javascript
x-served-by: cache-nrt-rjtf7700034-NRT
vary: accept-encoding

GET
H2 200 sticky Show response
delivery.r2b2.io/get/viva.co.id/generic/ 154 KB
44 KB 11ms
11ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/viva.co.id/generic/sticky
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0e139380dd2c09212a6030d38c32a2fb679c3203181052241e25fa34513d1899

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-execution-time: 4
content-encoding: br
accept-ranges: none
x-cache: HIT
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/javascript
x-served-by: cache-nrt-rjtf7700090-NRT
vary: accept-encoding

GET
H2 200 300x600 Show response
delivery.r2b2.io/get/viva.co.id/generic/ 25 KB
8 KB 51ms
50ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/viva.co.id/generic/300x600
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e662e79fe56f239788e49aee2a9804b11f57cace615943dc6953edeee1d2f2d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-execution-time: 4
content-encoding: br
accept-ranges: none
x-cache: HIT
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/javascript
x-served-by: cache-nrt-rjtf7700063-NRT
vary: accept-encoding

GET
H2 200 300x250 Show response
delivery.r2b2.io/get/viva.co.id/generic/ 24 KB
8 KB 9ms
9ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/viva.co.id/generic/300x250
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b2452d9d547bc1cd220699aff6b3e050e5b9d3b6e4d3e28ce9f020c8098ee82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-execution-time: 3
content-encoding: br
accept-ranges: none
x-cache: HIT
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/javascript
x-served-by: cache-nrt-rjtf7700097-NRT
vary: accept-encoding

GET
H2 200 320x50 Show response
delivery.r2b2.io/get/viva.co.id/generic/ 39 KB
10 KB 10ms
10ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/viva.co.id/generic/320x50
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5e26deda781c7f90d076ae7dd7224f198fbaa638a8558351d16998cf8d19c026

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-execution-time: 4
content-encoding: br
accept-ranges: none
x-cache: HIT
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/javascript
x-served-by: cache-nrt-rjtf7700100-NRT
vary: accept-encoding

GET
H2 200 160x600 Show response
delivery.r2b2.io/get/viva.co.id/generic/ 40 KB
10 KB 14ms
14ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/viva.co.id/generic/160x600
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 94ded7db412385b9e12b1943ce44b491961c6594db3e77e484f52ae8e040a44d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-execution-time: 4
content-encoding: br
accept-ranges: none
x-cache: HIT
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/javascript
x-served-by: cache-nrt-rjtf7700103-NRT
vary: accept-encoding

GET
H3 200 r2b2.js Show response
www.viva.co.id/asset-viva/responsive-web/iklan/js/ 1 KB
820 B 39ms
32ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/js/r2b2.js?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d2606c09d798d3b7a1582e079804e4e5488fbb14d4e312664a1adcfebd112e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-520"
age: 1159249
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e22afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-vivacoid.png
www.viva.co.id/asset-viva/responsive-web/img/ 3 KB
4 KB 34ms
27ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-vivacoid.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3723dbd5db50ef5b2304a07b2012f7af1259d813f30c29714ef6fe4781e7a531

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-10fc"
age: 1523632
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=4348
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="logo-vivacoid.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e25afd5-NRT
accept-ranges: bytes
content-length: 3518
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-vlix.png
www.viva.co.id/asset-viva/responsive-web/img/ 15 KB
15 KB 34ms
27ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-vlix.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52aba0a0ae3870e9dfb83eb4017c1b2eaa853dea094e9961cb99d0e1a188bc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-99c9"
age: 1523632
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=39369
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="logo-vlix.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e26afd5-NRT
accept-ranges: bytes
content-length: 15234
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 tvone.png
www.viva.co.id/asset-viva/responsive-web/img/ 2 KB
3 KB 39ms
32ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/tvone.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b8e6dbb3d4656f18c5b50c7da8f863ce8677bcf66ef7e4032178e4f90c603a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-b3f"
age: 1523632
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=2879
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="tvone.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e27afd5-NRT
accept-ranges: bytes
content-length: 2450
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-antvklik.png
www.viva.co.id/asset-viva/responsive-web/img/ 2 KB
3 KB 36ms
29ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-antvklik.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7762cdba021a747f751b3e765df1828eebbaa96b5c7fd6b950bd39ee582c363

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-eb6"
age: 1523632
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=3766
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="logo-antvklik.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e28afd5-NRT
accept-ranges: bytes
content-length: 2298
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-intipseleb.png
www.viva.co.id/asset-viva/responsive-web/img/ 3 KB
3 KB 36ms
29ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-intipseleb.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d86937a158a8feae1eb3e3a71f66e16c245f74467b765464b1b782a290687f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-bb9"
age: 1523632
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=3001
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="logo-intipseleb.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e29afd5-NRT
accept-ranges: bytes
content-length: 2636
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-jagodangdut.png
www.viva.co.id/asset-viva/responsive-web/img/ 2 KB
3 KB 37ms
31ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-jagodangdut.png?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8cd0945166d683e390b543c8c5c8ecce33f7119ff5835bc2446b36bd10b74a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "670ca722-bd9"
age: 1523632
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=3033
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/webp
content-disposition: inline; filename="logo-jagodangdut.webp"
vary: Accept
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e2aafd5-NRT
accept-ranges: bytes
content-length: 2438
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 wa-channel.svg
www.viva.co.id/asset-viva/responsive-web/img/ 3 KB
2 KB 35ms
29ms Image
image/svg+xml 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/wa-channel.svg?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7907cec135f0e9ec513cdb19f31a581752984e0eb2166150b5f23ea10fe835

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-b1e"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e2bafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 lazysizes.min.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 8 KB
4 KB 35ms
30ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/lazysizes.min.js?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-1ebb"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e2dafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 base.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 4 KB
1 KB 37ms
32ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/base.js?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eb8d561b2af70e27b34fc94cfdf0bd734ac464fd245267c305c75d5dcbc2c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-118a"
age: 1524210
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e2eafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 detail-copy.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 711 B
668 B 38ms
34ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/detail-copy.js?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5c8da3805d9d11c3d3c7bfe3aa7906285fdb7ef1a7f18a11ed5953e6baa66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-2c7"
age: 1524210
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e30afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 cook.php Show response
sso.thevivanetworks.com/ 236 B
851 B 357ms
330ms Script
application/javascript 172.67.135.246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.thevivanetworks.com/cook.php

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.135.246 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mrPG5Pj3N8IMk8Qj%2FLGIBbJ7RYMYlWIPkhLd5XiMQUCyaJTOINdPlHz8oTHOm5YlXU5ffyOPRVVIxOpoOrfIxcNXGmi4udIh8GT%2Bl3V3hHsd2AyP2P%2BoBfSO7IabLKJx8%2BMklqmZrcoYfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4579&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4234&recv_bytes=5617&delivery_rate=1040&cwnd=12000&unsent_bytes=0&cid=496f53f2f60272f7&ts=341&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8ce2c30f1ce029-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H/1.1 200
OK uid2-sdk-3.2.0.js Show response
cdn.prod.uidapi.com/ 24 KB
25 KB 74ms
12ms Script
text/javascript 2600:9000:26a9:6c00:a:e047:754:f4a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2-sdk-3.2.0.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a9:6c00:a:e047:754:f4a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a89306d44791afa482b05eca81136304a9b63e0b2be0967b2cda0a3f64af5df0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-amz-version-id: Ig1D8Iwz1EDgtYSS0rWi.KiVAlDG_cbj
ETag: "de7d05e12b7d11fa22ad4b16481f1925"
Age: 81926
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: SAQ0cKu4JJmidcDENLhavliy7gx4De-5_y_uyvIPiNFbFazft-arQw==
Date: Mon, 25 Nov 2024 22:28:37 GMT
Content-Type: text/javascript
Last-Modified: Mon, 09 Oct 2023 04:44:24 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Via: 1.1 a532cd265198c776263d431ed698ba2e.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 24594
X-Amz-Cf-Pop: KIX56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 unifiedid2.js Show response
www.viva.co.id/asset-viva/responsive-web/iklan/js/ 1 KB
870 B 33ms
30ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/js/unifiedid2.js?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c48b3ea62716a485b054d83771276f69dfab80d53009dd347d9b49f2e4b7ae65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-5ad"
age: 1177990
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e33afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 viva-app.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 2 KB
833 B 33ms
30ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/viva-app.js?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8a1366618012b338623a64297e330fc920a50c59d17776758341ed9e52f13b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-919"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c28e35afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 vre-stg.js Show response
data-rengine.viva.co.id/ 698 B
664 B 314ms
304ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data-rengine.viva.co.id/vre-stg.js

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f50921b4bb2395bd54fead36e59b0178fa9a670908b62d0dd6c42e93ccd817b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
cache-control: max-age=300
content-encoding: br
cf-cache-status: HIT
etag: W/"0b09d2a3e5a06a0bc8ef506b0c8c1362"
cf-ray: 8e8ce2c32e9cafd5-NRT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
x-obs-request-id: 000001930F793733B01457D93D65D84E
vary: Accept-Encoding
last-modified: Fri, 01 Mar 2024 07:49:06 GMT

GET
H3 200 footer-style.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
885 B 20ms
20ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/footer-style.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e504f36e9c0aa264956f6d46e49fc7a6ed7f118529e286412f13a9a4225c0c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-651"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c13d0dafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 color-light.css
www.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 21ms
21ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-light.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb797f6a1bf5afea405b836d26ed891f66331cd929db748fd6590f31c9646a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-c01"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c13d15afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 color-light-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 357 B
478 B 22ms
22ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-light-desktop.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd770e2cb9546ed1ab2b570a67ce45ba388bee12ab2f031c1824353cbefd3e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-165"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c15d29afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 color-dark.css
www.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 15ms
14ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-dark.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb8a18c337c3710d459aef28c0d4942069eab765bf4fe8e5f0e3a8a9530c97fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-d9a"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c15d36afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 color-dark-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 401 B
489 B 15ms
15ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-dark-desktop.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

083c6b672b316f3a046bde98a0c176f0cb3584534b3e74904cb32b0ca1f226df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-191"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c17d40afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 hold.css
www.viva.co.id/asset-viva/responsive-web/css/ 20 KB
5 KB 16ms
16ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/hold.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708a8077fa186892d91cc20cbe1a979c625ffebbd354e37b1df612dd23664ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-518f"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c17d43afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 hold-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 18ms
18ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/hold-desktop.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f6ee0f7bf816084278b1799fbf5a1916cc3054785ea76d7e8c2dde88db44c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-adc"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c19d4fafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 iosfix.css
www.viva.co.id/asset-viva/responsive-web/css/ 182 B
381 B 15ms
14ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/iosfix.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c25763c777e259235f4e23bd621cc39dedc55faaeba4444f7d7711cc9da36a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"670ca722-b6"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c19d55afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 popinfix.css
www.viva.co.id/asset-viva/responsive-web/iklan/css/ 2 KB
1 KB 14ms
13ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/css/popinfix.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e579cdf4d7652ca013120fa529cea04864bb4e0d120afb716a5fa6fb3ef01517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-957"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c1bd63afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 macawfix.css
www.viva.co.id/asset-viva/responsive-web/iklan/css/ 320 B
436 B 17ms
17ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/css/macawfix.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d65426fa7754d57f738550542301db572a825d92eb264e9c1c9a85b40df2d468

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-140"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c1bd66afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 freakoutfix.css
www.viva.co.id/asset-viva/responsive-web/iklan/css/ 664 B
595 B 24ms
23ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/iklan/css/freakoutfix.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76098890aa9c07f04a65c8b8611cfc2abafde4a13d11d76d8cc8bd38d592e816

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-298"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c1cd7cafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fontawesome5.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
634 B 16ms
15ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85fc9d5de7a76ff51e5561182705a1896af5a561fb3b99dfe2f3ceda7707d125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-6c3"
age: 1523853
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:01 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c1cd82afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 x4kuw.js Show response
geo.dailymotion.com/libs/player/ 41 KB
13 KB 185ms
178ms Script
text/javascript 13.200.1.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/libs/player/x4kuw.js

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.200.1.252 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-200-1-252.ap-south-1.compute.amazonaws.com

Software

Resource Hash

061f5690b7e72017c3d342e199fe828105e68dc1e358ed13bb704a9121b5fc7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
link: <https://static-origin.dmcdn.net>; rel="preconnect"; crossorigin, <https://www.dailymotion.com>; rel="preconnect"; crossorigin
cache-control: no-cache, no-store
content-encoding: br
content-length: 12313
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=utf-8

GET
H2 200 bundle.6b7b9433e47f9a4bfe93.js Show response
delivery.r2b2.io/js/7.24.0/online/public/ 758 KB
241 KB 19ms
17ms Script
text/javascript 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/get/viva.co.id/generic/sticky/mobile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e84ea1595ae336d42aa95123c16585099b126008768a993d1b48aba91b5c891

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=10800, public
content-encoding: gzip
etag: "673c7be2-bd8ee"
age: 898
x-lb-cache: HIT
expires: Tue, 26 Nov 2024 23:58:48 GMT
accept-ranges: bytes
x-cache: HIT
content-length: 246573
date: Tue, 26 Nov 2024 20:59:05 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 19 Nov 2024 11:52:02 GMT
server: nginx
x-cache-hits: 25040
x-served-by: cache-nrt-rjtf7700061-NRT

GET
H2 200 ifo0f39r58 Show response
www.clarity.ms/tag/ 865 B
1 KB 184ms
167ms Script
application/x-javascript 2620:1ec:bdf::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ifo0f39r58?ref=gtm2
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c290582c983f1ef5467109295dc614860386964d58698efeed84a33b9159ab26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 865
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/x-javascript
x-azure-ref: 20241126T211402Z-167dd484d77ndpllhC1TYO2ad4000000088g000000002p6z

GET
H3 200 hold-mobile.css
www.viva.co.id/asset-viva/responsive-web/css/ 4 KB
1 KB 21ms
20ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/hold-mobile.css?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

918ab98299ed3e657af5f5d5d625f8480d1592ae2bc9d05bc623c5dc27332411

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-f27"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c2ae4bafd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 pilkada-bg.svg
www.viva.co.id/asset-viva/responsive-web/img/ 176 KB
61 KB 18ms
17ms Image
image/svg+xml 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/pilkada-bg.svg?v=2.85

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ebed5842b2d65b31b69a4176986f54c7997f20f902134a5dc4ea29ef4dcdc82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670ca722-2be5a"
age: 1523854
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Oct 2024 05:07:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8e8ce2c2be57afd5-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 3454 0
0 98ms
40ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-YFFX5TN9EH&gacid=765266272.1730230449&gtm=45je4bk0v883879034za200zb72652391&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2014715549

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 taboola-prebid-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame C9E4 0
0 18ms
1ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

abp: 32
accept-ranges: bytes
access-control-allow-origin: *
age: 10
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 539
content-type: text/html
date: Tue, 26 Nov 2024 21:14:02 GMT
etag: "3a04a0889d22f29ff26db71b6559fec1"
last-modified: Tue, 20 Feb 2024 14:00:18 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: /1Y0i0JAl6NUj6qgnnwEj19h6UUaLsehqCJMKCUmbl1H1n6lwq+jAZR3pysP1RfGmsuvevM3F8A=
x-amz-replication-status: COMPLETED
x-amz-request-id: MZXH0739VTF4ZNVZ
x-amz-server-side-encryption: AES256
x-amz-version-id: x9X4oBHDSMJ3A3AgD4XG8_3AHqwdsw1t
x-cache: HIT
x-cache-hits: 6
x-served-by: cache-nrt-rjtf7700091-NRT
x-timer: S1732655642.089125,VS0,VE0

GET fa-solid-900.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/ 0
0

GET
H2 200 topicsapi.html
onetag-sys.com/static/ Frame F441 0
0 213ms
71ms Document
text/html 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/static/topicsapi.html?bidder=onetag

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: public, max-age=2628000, immutable
content-encoding: gzip
content-length: 566
content-type: text/html
expires: Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security: max-age=15552000
vary: accept-encoding

GET
H/1.1 200
OK prebid-topics-frame.html
api.popin.cc/topic/ Frame BA46 0
0 40ms
6ms Document
text/html 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 26 Nov 2024 21:14:02 GMT
ETag: W/"8c71e26cee5af68d0dbe5d507b8ed111"
Expires: Tue, 26 Nov 2024 22:14:02 GMT
Last-Modified: Tue, 12 Mar 2024 03:24:51 GMT
Server: nginx
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Status: HIT from 10.252.55.26
x-amz-server-side-encryption: AES256
x-amz-version-id: NGIkCgD6bcLUel.CcLdlmpgCJ.f_PIbB

GET
H2 200 topics.html
hb.360yield.com/privacy-sandbox/ Frame 0C8C 0
0 38ms
9ms Document
text/html 3.163.218.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.218.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-163-218-21.kix56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 110
cache-control: max-age=3600
content-length: 840
content-type: text/html
date: Tue, 26 Nov 2024 21:12:13 GMT
etag: "df731667f516cd61f16f3bc51bc7022f"
last-modified: Thu, 14 Mar 2024 16:48:35 GMT
server: AmazonS3
via: 1.1 c4df4bd4ce15c39496dd040401d8f4b2.cloudfront.net (CloudFront)
x-amz-cf-id: pECHDaQAVl8EtcHOfw973Ay8PH3pPBWxAaYG8_rExjYBvM5NzYTa7w==
x-amz-cf-pop: KIX56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: kpEupr6y3cwJy6IieEVrXoWKzFeDpUx4
x-cache: Hit from cloudfront

GET
H2 200 topicsapi.html
onetag-sys.com/static/ Frame A229 0
0 202ms
202ms Document
text/html 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip29.ip-51-79-154.net
Software: /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: public, max-age=2628000, immutable
content-encoding: gzip
content-length: 566
content-type: text/html
expires: Mon, 01 Jan 2046 12:34:56 GMT
vary: accept-encoding

GET
H2 200 topics.html
hb.360yield.com/privacy-sandbox/ Frame A8BF 0
0 35ms
35ms Document
text/html 3.163.218.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.218.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-163-218-21.kix56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 110
cache-control: max-age=3600
content-length: 840
content-type: text/html
date: Tue, 26 Nov 2024 21:12:13 GMT
etag: "df731667f516cd61f16f3bc51bc7022f"
last-modified: Thu, 14 Mar 2024 16:48:35 GMT
server: AmazonS3
via: 1.1 c4df4bd4ce15c39496dd040401d8f4b2.cloudfront.net (CloudFront)
x-amz-cf-id: pECHDaQAVl8EtcHOfw973Ay8PH3pPBWxAaYG8_rExjYBvM5NzYTa7w==
x-amz-cf-pop: KIX56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: kpEupr6y3cwJy6IieEVrXoWKzFeDpUx4
x-cache: Hit from cloudfront

GET
H2 200 topics_frame.html
pa.openx.net/ Frame A271 0
0 23ms
5ms Document
text/html 34.36.214.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.openx.net/topics_frame.html?bidder=openx
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.214.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-length: 1036
content-type: text/html; charset=utf-8
date: Tue, 26 Nov 2024 20:42:12 GMT
etag: "c5379e35e267deacc52e06ed0f5fa81f"
last-modified: Mon, 22 Jan 2024 14:38:43 GMT
server: UploadServer
supports-loading-mode: fenced-frame
vary: Origin
x-allow-fledge: true
x-goog-generation: 1705934323795552
x-goog-hash: crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1036
x-guploader-uploadid: AFiumC5aFER_cfWvrugdI0b-GaXVercl8CmcPImAMnXoKmxb74PN7MXYZ5KuX0W8BkqlFjU72_U

GET
H/1.1 200
OK prebid-topics-frame.html
api.popin.cc/topic/ Frame DBEF 0
0 24ms
24ms Document
text/html 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=3600
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 26 Nov 2024 21:14:02 GMT
ETag: W/"8c71e26cee5af68d0dbe5d507b8ed111"
Expires: Tue, 26 Nov 2024 22:14:02 GMT
Last-Modified: Tue, 12 Mar 2024 03:24:51 GMT
Server: nginx
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Cache-Status: HIT from 10.252.55.26
x-amz-server-side-encryption: AES256
x-amz-version-id: NGIkCgD6bcLUel.CcLdlmpgCJ.f_PIbB

GET
H2 200 prebid_2024_11_25_7_25_20.js Show response
anymind360.com/js/1326/ 380 KB
129 KB 8ms
7ms Script
application/javascript 151.101.1.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1326/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.55 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

63ce28a6a9a33b78c0e3f5ec191fff6314038d1c49889d67ee3018bcd64b8d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
content-encoding: gzip
x-goog-hash: crc32c=/gWxeg==, md5=82sWYJt0sbPaSitwxOazdg==
etag: "f36b16609b74b1b3da4a2b70c4e6b376"
age: 49699
x-goog-stored-content-encoding: gzip
expires: Mon, 25 Nov 2024 07:25:35 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-goog-stored-content-length: 131995
x-cache: HIT, HIT
date: Tue, 26 Nov 2024 21:14:02 GMT
last-modified: Mon, 25 Nov 2024 07:25:35 GMT
content-type: application/javascript; charset=UTF-8
x-served-by: cache-tyo11936-TYO, cache-nrt-rjtf7700049-NRT
x-cache-hits: 8, 1
x-guploader-uploadid: AFiumC59CpEYEgb5AIh1PU5MF0S3oqUEGc15zLQRmo08AHhtfMn6wVBaJXORRKGIA9vkJ7BQD4o
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=31536000, public
x-goog-storage-class: STANDARD
x-timer: S1732655642.128415,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732519535082351
content-length: 131995
server: UploadServer

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
33 KB 87ms
47ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1326/ats.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 345 KB
85 KB 100ms
9ms Script
application/javascript 13.249.153.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.153.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-153-39.nrt51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"812ceba01127f3bf5aede260eaddcd29"
age: 2057
via: 1.1 d7ca514ecfb45988506b3b12d3088ac4.cloudfront.net (CloudFront), 1.1 759f5a446e32d0b0f5d49f7d67134620.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: lI8IzFeYIeJ3qeCH8d9uD6E8OqSiA0OrsNxf2nStzhGcDK8Na0cnGQ==
date: Tue, 26 Nov 2024 20:39:46 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 22:51:07 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P3, NRT51-C1
x-amz-server-side-encryption: AES256

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/ 16 KB
7 KB 57ms
18ms Script
application/javascript 2600:9000:2218:a600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2218:a600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d7be6f59fe99ff493b48c1ff9bb7cad6d8d13b5abf62a009e8f08fb07ad45d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

vary: accept-encoding
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
content-encoding: br
x-amz-version-id: IPqX5wDuYg_yGkZdSr8kqiqCVzw8M0fr
etag: W/"f0532961cd7857f31499843a77d47ecb"
age: 2847
via: 1.1 6269b150df4618d480141e7011541b64.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 0qNO3-ZcT6muODrJYyrHETen5U5pzcfy5uVZVversioP2bhyv0ezSQ==
date: Tue, 26 Nov 2024 20:26:36 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 14:17:37 GMT
server: AmazonS3
x-amz-cf-pop: NRT51-P2
x-amz-server-side-encryption: AES256

GET
H2 200 iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 4871 0
0 19ms
14ms Document
text/html 2606:4700::6810:ff40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 1645328
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 8e8ce2c38ea8e36e-NRT
content-encoding: br
content-type: text/html
date: Tue, 26 Nov 2024 21:14:02 GMT
expires: Fri, 27 Dec 2024 21:14:02 GMT
last-modified: Tue, 14 May 2024 14:09:56 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET fa-solid-900.woff
www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/ 0
0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158361/3614/ 260 KB
89 KB 17ms
3ms Script
application/javascript 23.32.224.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158361/3614/pwt.js
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d5e62fff7eaf370fbed188432f6ea7cfb63ca0ee68a91a7ee86c8befc180c77b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=164836
content-encoding: gzip
expires: Thu, 28 Nov 2024 19:01:18 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 90697
date: Tue, 26 Nov 2024 21:14:02 GMT
last-modified: Tue, 17 Oct 2023 13:19:47 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 topicsapi.html
topics.authorizedvault.com/ Frame B8F6 0
0 19ms
1ms Document
text/html 2a02:6ea0:d300::33
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::33 Tokyo, Japan, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=604800
content-encoding: gzip
content-type: text/html
date: Tue, 26 Nov 2024 21:14:02 GMT
etag: W/"b1da2234a554ee8bc6519a75d88402d9"
expires: Sun, 07 Jan 2024 22:30:26 GMT
last-modified: Mon, 26 Jun 2023 15:39:25 GMT
server: CDN77-Turbo
vary: Accept-Encoding
via: 1.1 google
x-77-age: 171770
x-77-cache: HIT
x-77-nzt: EwwBsvnVAQH3+p4CAAwBWbugFQH3FpsAAAwB1GY4EQH3AAAAAA
x-77-nzt-ray: f18b3a1aab117a1b1a3a46675768e510
x-77-pop: tokyoJP
x-goog-generation: 1687793965818864
x-goog-hash: crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1404
x-guploader-uploadid: ABPtcPoZDS7_aCon-JVvX7xEB5qiduXohRxhaUJEcurJnHQA4lh4mfE-NaoMpM1Avb2HKdtYrSbrQ63T

GET
H2 200 topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 303D 0
0 7ms
3ms Document
text/html 23.32.224.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=160044
content-encoding: gzip
content-length: 859
content-type: text/html
date: Tue, 26 Nov 2024 21:14:02 GMT
expires: Thu, 28 Nov 2024 17:41:26 GMT
last-modified: Tue, 21 Mar 2023 05:02:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 topics_frame.html
delivery.r2b2.io/static/topics/ Frame 637B 0
0 15ms
9ms Document
text/html 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/static/topics/topics_frame.html?bidder=r2b2
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2580
content-encoding: gzip
content-length: 617
content-type: text/html
date: Tue, 26 Nov 2024 20:31:03 GMT
etag: "673c7be7-58c"
last-modified: Tue, 19 Nov 2024 11:52:07 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 182
x-lb-cache: HIT
x-served-by: cache-nrt-rjtf7700107-NRT

OPTIONS
H2 204 publishertag.standalone.js
static.criteo.net/js/ld/ Frame 0
0 13ms
5ms Preflight 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://paddyofegans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=86400
date: Tue, 26 Nov 2024 21:14:02 GMT
expires: Wed, 27 Nov 2024 21:14:02 GMT
server: nginx
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 100 KB
32 KB 6ms
4ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a571605e34597742b2e316f4d25828053eb2e841413ba6cf8ae58a487b692c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/javascript
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-191ed"
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
366 B 12ms
7ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=31104000, public
timing-allow-origin: *
etag: "493ea254-2b"
cross-origin-resource-policy: cross-origin
expires: Fri, 21 Nov 2025 21:14:02 GMT
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/gif
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 11ms
3ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaddyofegans.com%2F&domain=paddyofegans.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://paddyofegans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://paddyofegans.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 26 Nov 2024 21:14:01 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 218139
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 11ms
3ms Fetch
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

99f94b5e179c32e6a375c7df32c224fad6786034ca17f29c276e17ec21a55668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"63e-SQyiSNozgpVUijfdOaz2khbe23g"
age: 18791
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-nrt-rjtf7700075-NRT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 831
x-jsd-version: 1.0.2252

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaddyofegans.com%2F&domain=paddyofegans.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=wRZIzHxqTGltL2ZGUXMxR0R0aGhGZE1VZFRteWhmZit1enVRQ2RXWG4yWFdyekFGN2JoZnRWUWdOVGQyUENDVXR2T3hKdGNhamlpdEo0UVlsSnNwNkk1VHBDTkFFWjROdEIzU0hZMlhkL1hGdXovS2tnMkZJdDJtRXd5VD...

362 B
948 B

9ms
4ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wRZIzHxqTGltL2ZGUXMxR0R0aGhGZE1VZFRteWhmZit1enVRQ2RXWG4yWFdyekFGN2JoZnRWUWdOVGQyUENDVXR2T3hKdGNhamlpdEo0UVlsSnNwNkk1VHBDTkFFWjROdEIzU0hZMlhkL1hGdXovS2tnMkZJdDJtRXd5VDNQMkplL1BDb2R0UHVJc1VBbUxQcXU5N3hnM2lSZHRORCtLQ2oxZUpRWlNFSG1YbGlhQWtYdmJBYWZSVThMUzdMSElucUJocWRESXI0UHdJY09YNGFmOHBGUUtSam1qK0JGdzE5cWZUOVh3TUYwdk9pUDQrNjNIbVFFY08vazZRb0ZGbjFkbGpRfA&cppv=2

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

0edb44addee932f385b574cbb74236e48f5132344f6ff73a6961ed78390aea08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 762443
expires: 0
access-control-allow-origin: null
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
location: https://mug.criteo.com/sid?cpp=wRZIzHxqTGltL2ZGUXMxR0R0aGhGZE1VZFRteWhmZit1enVRQ2RXWG4yWFdyekFGN2JoZnRWUWdOVGQyUENDVXR2T3hKdGNhamlpdEo0UVlsSnNwNkk1VHBDTkFFWjROdEIzU0hZMlhkL1hGdXovS2tnMkZJdDJtRXd5VDNQMkplL1BDb2R0UHVJc1VBbUxQcXU5N3hnM2lSZHRORCtLQ2oxZUpRWlNFSG1YbGlhQWtYdmJBYWZSVThMUzdMSElucUJocWRESXI0UHdJY09YNGFmOHBGUUtSam1qK0JGdzE5cWZUOVh3TUYwdk9pUDQrNjNIbVFFY08vazZRb0ZGbjFkbGpRfA&cppv=2
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 327606
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 0
date: Tue, 26 Nov 2024 21:14:01 GMT
server: Kestrel

GET fa-solid-900.ttf
www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/ 0
0

POST
H2 200 events Show response
track.us.org/ 19 B
603 B 802ms
265ms XHR
text/javascript 185.59.208.177
VSHOSTING VSHosti...

General

Check archive.org

Show headers Download Go to

Full URL: https://track.us.org/events?u=https%3A%2F%2Fpaddyofegans.com%2F
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING VSHosting s.r.o., CZ),
Reverse DNS: webgarden-track-lb-ha.vshosting.cz
Software: nginx /
Resource Hash: bdf60e2359d50891838d3415e1f67c9ad5a8456bc653c5685eb25d9f83df8430

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 1
cache-control: post-check=0, pre-check=0; max-age=0, no-cache, must-revalidate, proxy-revalidate, private
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
expires: Tue, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Tue, 26 Nov 2024 21:14:03 GMT
access-control-allow-headers: X-Requested-With,origin,content-type,accept,accept-encoding,accept-language

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4448 107 KB
0 87ms
47ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 15ms
2ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 26 Nov 2024 21:14:01 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 187382
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/ Frame B457 255 KB
90 KB 20ms
20ms Script
text/javascript 2600:9000:2218:a600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2218:a600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73c9826149fbc179a44b956c2786961340734aa6cdc1dc3c160d342c17cdc0bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
x-amz-version-id: 7X4TSEyW.mmvRNSncAifWuc0HxzGVPz6
etag: W/"778ed516706e87a787a9d9707c0def38"
age: 2846
x-cache: Hit from cloudfront
x-amz-cf-id: afgUBb4crAtaeUNRgZT28HIPb41-a1nk-TIIRYVv8atLnFv-BYylhQ==
date: Tue, 26 Nov 2024 20:26:37 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Tue, 26 Nov 2024 20:22:05 GMT
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
via: 1.1 6269b150df4618d480141e7011541b64.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT51-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 3ms
3ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
86 B 74ms
73ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 db25e772-a50a-4abc-826c-f029cd5364e4 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
838 B 41ms
11ms Script
application/javascript 18.65.100.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/db25e772-a50a-4abc-826c-f029cd5364e4
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.100.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-100-35.kix50.r.cloudfront.net
Software: CloudFront /
Resource Hash: d8a8b2593298285e71e198536b28ae3dd80ff119782a10a6f5bc9c98f6a90cd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=3600
age: 3208
via: 1.1 ed8cc7eba7c18d2bee60e1a252622756.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: dMjzaC4xuzalTaOjjmTdmF1iOWzku4FRxbvvLI88OnFUedbk38x-5w==
date: Tue, 26 Nov 2024 20:20:34 GMT
content-type: application/javascript
x-amz-cf-pop: KIX50-P1
server: CloudFront

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
302 B 162ms
162ms XHR
text/plain 13.249.153.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaddyofegans.com&pubid=db25e772-a50a-4abc-826c-f029cd5364e4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.153.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-153-39.nrt51.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
via: 1.1 759f5a446e32d0b0f5d49f7d67134620.cloudfront.net (CloudFront)
access-control-allow-origin: https://paddyofegans.com
x-cache: Miss from cloudfront
x-amz-cf-id: S0l067cqZwVz5Nczs6mv_Lv_pgPpgDM4x13U1FegA-GcKgPJms-B9Q==
date: Tue, 26 Nov 2024 21:14:01 GMT
x-amz-cf-pop: NRT51-C1
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
375 B 934ms
744ms XHR
text/javascript 18.65.154.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaddyofegans.com%2F&pid=kN6hYHMAYLxCh&cb=0&ws=1600x1200&v=24.1105.2150&t=2000&slots=%5B%7B%22sd%22%3A%22ats-insert_ads-15%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F21622890900%2C11225321%2FID_viva.co.id_res_allpage_top_320x100%2F%2F320x50%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21anymanager.io%2C1326%2C1%2C%2C%2C&sm=24c37793-cfb8-43f5-bc5e-5307c13b65b6&pubid=db25e772-a50a-4abc-826c-f029cd5364e4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.154.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-154-135.nrt51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 964dcea2ce9513bdb853e662b2030b0a.cloudfront.net (CloudFront)
access-control-allow-origin: https://paddyofegans.com
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: JATEcB1mD1-bmTtGVPsptUI6QBlzo8EnFoTR6mL6uliK5fj3ynQ0Xw==
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: NRT51-P2
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 648ms
628ms XHR
application/javascript 13.249.153.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.153.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-153-39.nrt51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-allow-methods: GET
x-cache: Miss from cloudfront
x-amz-cf-id: rxw9V3HipUei6-hI9NDhIZQ1c4DBzWPjhi05EbbZb2qMzDxv69mXkA==
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 759f5a446e32d0b0f5d49f7d67134620.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: NRT51-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
157 B 259ms
85ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.7447799420074781&e=1443003%3A300x250%2C300x50%2C250x250%2C300x100%2C200x200%2C234x60%2C220x90%2C120x240%7C0&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
338 B 235ms
74ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 9d0d7fb17d15de0f1660c969421465f9274e3de25f31947fd5a82811666e04fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 174
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 14ms
3ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=92065709483

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 719ms
209ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d28f242b8e512a757c7b579119f3ad6eca1af24f013dfb6b9887f9af8dcd897d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: fcd7ddf7-2f12-41d9-b9f2-ad658afa5499
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
211 B 57ms
22ms XHR
text/plain 207.65.34.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:02 GMT
Access-Control-Allow-Credentials: true

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
228 B 701ms
240ms XHR
text/plain 35.156.62.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.62.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-62-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: none
cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain
vary: origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 313 B
828 B 527ms
73ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=557564&zone_id=3500726&size_id=15&alt_size_ids=14%2C19%2C13%2C44&p_pos=atf&rf=https%3A%2F%2Fpaddyofegans.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.0752417959885543&rp_schain=1.0%2C1!r2b2.cz%2C3535%2C1%2C%2C%2C&dsarequired=0
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 1fef9ba15f338c524b74e773f3b7fd4fde6635f7041582b911d0aaf25f13309a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 313
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 161 B
1 KB 706ms
199ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

c523ad1b1cc5f13be226e0075e7b98bc719d85314aa1e9e5ad843dfc4b96bb3b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: effffa71-9fd9-4eb3-b3da-a96213e8cf0a
content-length: 161
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 9ms
3ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=76941699213

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
413 B 216ms
71ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 737ms
248ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
183 B 255ms
70ms XHR
text/plain 131.153.206.100
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
x-nbr: 2b
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: origin, accept-encoding, Accept-Encoding
server: envoy

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame 4448 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 4448 70 B
0 2ms
2ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
207 B 218ms
78ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 1d8d74554f2f341a5e947319730a585096a9ca40f9bb1061b75dcf2c5c3385fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 173
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
157 B 236ms
85ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.15010109813789896&e=1443059%3A320x50%2C300x50%2C292x30%2C300x31%7C0&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 8ms
3ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=88347804077

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 698ms
204ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

52186228098ee37f0a8c59ae4fc724901f8caca245e9622610e317e4b019457a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 3d1d56a7-082f-4f2b-a2da-08bcea54595f
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
211 B 24ms
6ms XHR
text/plain 207.65.34.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:01 GMT
Access-Control-Allow-Credentials: true

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
227 B 690ms
245ms XHR
text/plain 35.156.62.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.62.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-62-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: none
cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain
vary: origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 304 B
645 B 513ms
75ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=557564&zone_id=3524126&size_id=43&alt_size_ids=44&p_pos=atf&rf=https%3A%2F%2Fpaddyofegans.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.42660021251343405&rp_schain=1.0%2C1!r2b2.cz%2C3535%2C1%2C%2C%2C&dsarequired=0
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: af1c96930872ef7bd98415af1b1871b85d99688893990adb4be584af0f72af6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 304
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 707ms
217ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

47d6cf8be68847551bef6fec32605b0cd9bb296c0cdf282c6580b63fcba77154

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 597c3128-f383-4f5e-986f-77941b458522
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 6ms
2ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=7012965299

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 203ms
72ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
20 B 244ms
72ms XHR
text/plain 131.153.206.100
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
x-nbr: 2b
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: origin, accept-encoding, Accept-Encoding
server: envoy

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
207 B 273ms
138ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 5edf849f5f1cec616ec21c058bf501b3287185ccfe4375a35649763d371c7812

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 173
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
157 B 230ms
84ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.07583238168321849&e=1443517%3A300x250%2C728x90%2C300x600%2C970x250%2C970x310%2C300x300%2C336x280%2C1000x310%2C970x210%2C900x250%2C994x250%2C998x200%2C950x300%2C930x180%2C750x100%2C1000x210%2C776x200%2C1000x300%2C1000x250%2C750x200%7C0.41503999999999996&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 5ms
2ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=1577133513

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 704ms
218ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

8167d5ab20163d258f8898f332c1bb28b4e18a5166ce57fbf955e725dd37439d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 2020a8cf-94e9-4e87-a95b-3fc0971062e0
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
211 B 33ms
22ms XHR
text/plain 207.65.34.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:02 GMT
Access-Control-Allow-Credentials: true

POST dsh
hb.adscale.de/ 0
0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 312 B
651 B 509ms
77ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=557564&zone_id=3500674&size_id=94&alt_size_ids=57%2C10%2C15%2C2&p_pos=atf&rf=https%3A%2F%2Fpaddyofegans.com%2F&p_screen_res=1600x1200&rp_floor=0.5533866666666666&rp_secure=1&slots=1&rand=0.26422487185899746&rp_schain=1.0%2C1!r2b2.cz%2C3535%2C1%2C%2C%2C&dsarequired=0
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 119b8cfd9e92a16c0010266291c977994af672c7aa80ed2c4a33c0e1e8848585

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 312
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 7ms
3ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=57421341448

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST prebid
r2b2-apac.adnxs.com/ut/v3/ 0
0

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 196ms
73ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
158 B 223ms
83ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.3802586637123049&e=1442999%3A300x250%2C300x50%2C250x250%2C300x100%2C200x200%2C234x60%2C220x90%2C120x240%7C0&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
208 B 270ms
142ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 045838b85586d86b92e5fc283b5860f674ea570dd820d1298f3b6fc3b1d21415

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 174
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 5ms
4ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=2513841632

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 161 B
1 KB 709ms
227ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b7b2adf8cd9d70a6c1264232c5ecb7ea9d2a989e38834481c364fd91869dd968

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 264e4a2b-16b3-4b2e-832e-631206a7fcc8
content-length: 161
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
211 B 26ms
17ms XHR
text/plain 207.65.34.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:02 GMT
Access-Control-Allow-Credentials: true

POST dsh
hb.adscale.de/ 0
0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 313 B
653 B 506ms
80ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=557564&zone_id=3500720&size_id=15&alt_size_ids=14%2C19%2C13%2C44&p_pos=atf&rf=https%3A%2F%2Fpaddyofegans.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.06811917251378752&rp_schain=1.0%2C1!r2b2.cz%2C3535%2C1%2C%2C%2C&dsarequired=0
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 1431dd7ff023b4fa93cb835f91e3adfe780e5c1bdcfaf984a73f6c1a9c9e8389

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 313
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 682ms
201ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

06f4b9aed040f5fced1d658a8f4dec96ed90424558ff433c169b583aca0a9c9b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 3c4bb049-7252-4a0b-8bda-e55e5b7a0663
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 7ms
4ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=92726964726

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 261ms
143ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
44 B 230ms
71ms XHR
text/plain 131.153.206.100
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
x-nbr: 2b
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: origin, accept-encoding, Accept-Encoding
server: envoy

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
157 B 218ms
85ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.9236875775691729&e=1443005%3A320x50%2C300x50%2C292x30%2C300x31%7C0.20751999999999998&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
208 B 264ms
143ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 0690cdb8cabe8c505724d88b23d74064a3e7032dfae6fb8f5f748a91813c08b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 174
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 719ms
244ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

c4f8c51ea1251511dd5eb30a5f491759ee90968ac38eac3f59dcdb5620f5e60a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 9fa3432b-8c61-488b-826c-f4117fd21dec
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST dsh
hb.adscale.de/ 0
0

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 683ms
208ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b7c7ee513f1f4e3f302811198a415bd2c3db3526892c5fbeb75eb1b3ef477004

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 973b9fbd-f2ff-4fb5-a984-69e9800233dd
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 252ms
137ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
208 B 269ms
150ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 01bd8dcd3f61f1438b9ba8f843becef83654f348f8b8ac1615afafdedf9c6a40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 174
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
157 B 213ms
85ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.6597124464339696&e=1443049%3A160x600%2C120x600%2C120x240%7C0.20751999999999998&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 8ms
4ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=44758696740

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 160 B
1 KB 667ms
199ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b21ff791cd4707c26603327e2c2467b38ef48bf0af02c9d92730908c9a7dcde4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 509fdccf-5bc0-4fb7-840e-9fe258732b35
content-length: 160
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
211 B 15ms
11ms XHR
text/plain 207.65.34.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:02 GMT
Access-Control-Allow-Credentials: true

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
227 B 667ms
245ms XHR
text/plain 35.156.62.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.62.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-62-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: none
cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain
vary: origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 302 B
641 B 490ms
75ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=557564&zone_id=3520656&size_id=9&alt_size_ids=8&p_pos=atf&rf=https%3A%2F%2Fpaddyofegans.com%2F&p_screen_res=1600x1200&rp_floor=0.2766933333333333&rp_secure=1&slots=1&rand=0.1687242902236199&rp_schain=1.0%2C1!r2b2.cz%2C3535%2C1%2C%2C%2C&dsarequired=0
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: cff4b7b64f17b817c98df04b453c976d45b5c0d14a6f13665c526eda2346d017

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 302
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 687ms
219ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

f74b05e616a39a7b047b9961fd961f79502cca71d36ded5e12e4d29e60f9287f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: c5e94f96-595a-4a14-ab74-b5b6d3f39d11
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 7ms
4ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=78418779651

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 181ms
73ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ 15 B
363 B 1291ms
239ms Fetch
application/json 188.65.124.59
DAILYMOTION Daily...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x4kuw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION Dailymotion S.A., FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain; charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Content-Length: 15
Date: Tue, 26 Nov 2024 21:14:03 GMT
Content-Type: application/json
Server: edward-ed/2.2.2
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 5ms
5ms Script
application/javascript 2620:1ec:bdf::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ifo0f39r58?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-azure-ref: 20241126T211402Z-167dd484d77ndpllhC1TYO2ad4000000088g000000002p80
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 12129bac-c01e-002b-4e28-3eae17000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

GET
H2 200 all_an_white_4.png
advertnative.com/storage/logo/ 3 KB
3 KB 228ms
71ms Image
image/png 139.99.126.164
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advertnative.com/storage/logo/all_an_white_4.png

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.99.126.164 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip164.ip-139-99-126.net

Software

nginx/1.19.5 /

Resource Hash

23a7a772f258be3aec21ea1617a951c1f8a8867c69f446740826d0f6709b2129

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15768000
cache-control: max-age=315360000
etag: "5e29b8e4-a78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 2680
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/png
last-modified: Thu, 23 Jan 2020 15:16:52 GMT
server: nginx/1.19.5

POST
H3 200 hit Show response
api-rengine-stg.viva.id/ 7 B
661 B 349ms
327ms XHR
application/json 172.67.68.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-rengine-stg.viva.id/hit

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paddyofegans.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-expose-headers: Content-Length
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enoU3orQ8EQaZEK0Ciq0%2Bs5kc8RbY6nlnpDiK9dEeMvD18I1uHSFOWRdCpKRLkNXFr8KrAfT%2FQkT204azffX6vvQm%2Fk8875GnfFRW3Aa%2Bnw68q1hwNvSnxFTjh2S1gAex8huSXo3WAMN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1693&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4311&recv_bytes=6151&delivery_rate=1026&cwnd=12000&unsent_bytes=0&cid=92a555f7cf2e2274&ts=334&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e8ce2c63f50d79c-NRT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 7041 0
0 39ms
2ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 4ms
2ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 3ms
2ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=31104000, public
timing-allow-origin: *
etag: "493ea254-2b"
cross-origin-resource-policy: cross-origin
expires: Fri, 21 Nov 2025 21:14:02 GMT
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/gif
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 5ms
3ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 3ms
2ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 4ms
3ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 5ms
3ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 6ms
3ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 6ms
4ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 4ms
2ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 3ms
3ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 5ms
5ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 37A1 0
0 10ms
10ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 4448 17 KB
13 KB 101ms
61ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

efd34c830d1191562765ac8319c6b20522b276dbe4d01cf9570d2fed97358ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13211
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4448 882 B
470 B 58ms
58ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=245455803527580&correlator=1036175853655478&eid=31088726%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_300x600_(viva.co.id)_-_Sale&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300%7C160x600%7C250x250%7C120x600%7C240x400%7C300x337%7C250x360%7C300x480%7C300x319%7C300x465%7C300x359%7C300x470%7C300x368%7C300x360%7C300x476%7C300x332&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1732655642674&adxs=485&adys=1458&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=yg0sg1csk9mr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=300x600&msz=300x0&fws=260&ohw=300&td=1&tan=81dc2521-d4fb-46ce-a782-9f8195c29c52&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655642412&idt=244&adks=3822314918&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

7461269a772933886deeb7f2681d2a50e870cdd52ee7631bbab897db3438ecdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 439
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
711849abfba5b159000eb2dbe19c976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 604B 0
0 88ms
36ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://711849abfba5b159000eb2dbe19c976f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:02 GMT
expires: Tue, 26 Nov 2024 21:14:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 header-bidding-request
mweb-hb.presage.io/api/ Frame 0
0 23ms
6ms Preflight
application/json 52.196.7.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mweb-hb.presage.io/api/header-bidding-request
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.196.7.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-7-28.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paddyofegans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://paddyofegans.com
content-length: 4
content-type: application/json
date: Tue, 26 Nov 2024 21:14:02 GMT

POST
H2 200 v1 Show response
prg-apac.smartadserver.com/prebid/ 923 B
2 KB 398ms
189ms Fetch
application/json 23.106.127.34
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.34 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: c2b215356659df270766ba263e9009d9dbbccf6da53a9ae645b40e15f66c6aaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H2 200 v1 Show response
prg-apac.smartadserver.com/prebid/ 1 KB
2 KB 394ms
186ms Fetch
application/json 23.106.127.34
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.34 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: acbb301b1aa6571b9833e81a8cb088797d66155893ce02093f751f345d956206

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
385 B 56ms
40ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: f1f249590152335f7f5b5985558d6093e27624bb3198b0ef712294c89306ddd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
x-forwarded-for: 146.70.201.215
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain
vary: Origin

POST
H2 400 header-bidding-request Show response
mweb-hb.presage.io/api/ 0
169 B 15ms
6ms Fetch
application/json 52.196.7.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mweb-hb.presage.io/api/header-bidding-request
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.196.7.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-7-28.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://paddyofegans.com/

Response headers

access-control-allow-origin: https://paddyofegans.com
content-length: 0
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
829 B 262ms
100ms Fetch
application/json 103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b3df88dd1ca48b06286060417c08940fad65cfd74d3720221d7635537c701605

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 194a6ff9-ef0b-431c-80db-e1521c0c365c
content-length: 138
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
223 B 14ms
4ms Fetch 2406:2600:4::c
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.14.0&cb=71625569231&lsavail=1&bundle=rpwXo19SdlVVTTIxQ3E2RDdZNUVYMVU1UTdGZGZFVThmTjNUZHFZczd6clpyYmlXN0U5TE5DbXhmcHdIZSUyRjBWRkhrJTJCbnZFOFdaJTJCakNraWRrMWZnbUpwRko2dGp3QzJoQmZkVnpMMk9HSFlKRHFVeXFyVFRRRVlzT2JIY01qYlc2U20yNw&networkId=9528

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::c , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel

POST
H2 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
397 B 254ms
77ms Fetch 34.1.195.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.1.195.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.195.1.34.bc.googleusercontent.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

x-smt-trace: https://tracing.smaato.net/api/traces/bebd3c07016ee401bd5d754236405a87?prettyPrint=true
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
server: SOMA
access-control-allow-credentials: true
x-smt-sessionid: c82c1971-7238-ed8c-5b90-a84ada7df594

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 469 B
809 B 334ms
75ms Fetch
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=496146&zone_id=3545390&size_id=43&alt_size_ids=117&rp_schain=1.0,1!anymanager.io,A838,1,,,&eid_criteo.com=wgVUB19KMmRWNEh5MGUzOUVRcUJpWEo3bDBKRjdVMWNXS1VPb0JmQUN1TyUyRjJsTG8lMkZ4QWJ3c2U5JTJCd2NhN2VwY0REYUZudEhwUUs0bWpMNzhESWNhJTJCVEVsakR3JTNEJTNE%5E1&rf=https%3A%2F%2Fpaddyofegans.com%2F&kw=index%2Cfollow%2Cadirabet%2Cadirabetslot%2Cadirabelogin%2Csetyobudiyanto%2Cdpr%2Ckpk&tg_i.domain=paddyofegans.com&tg_i.page=https%3A%2F%2Fpaddyofegans.com%2F&tg_i.dfp_ad_unit_code=%2F21622890900%2C11225321%2FID_viva.co.id_res_allpage_top_320x100%2F%2F320x50&tk_flint=pbjs_lite_v9.14.0&x_source.tid=a017dfd0-a1ee-44ac-9295-9c1245bc6fa4&l_pb_bid_id=166e96ae3403e79&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=86320965-a850-48b4-94ce-c02d0ef31a78&rp_maxbids=1&p_gpid=%2F21622890900%2C11225321%2FID_viva.co.id_res_allpage_top_320x100%2F%2F320x50&m_ch_mobile=%3F0&slots=1&rand=0.8267086792791687
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 8b33ba930beeefa30ecceffb521fc61d48d6f533d2004415195eab682dc07050

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 469
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

GET
H2 200 topics.html
widgets.outbrain.com/nanoWidget/externals/topics/ Frame 9868 0
0 25ms
8ms Document
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fpaddyofegans.com
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=14400
content-length: 667
content-type: text/html
date: Tue, 26 Nov 2024 21:14:02 GMT
etag: "a52151dbf5b2ca563e40ccca1ab8228c:1732624660.182232"
expires: Wed, 27 Nov 2024 01:14:02 GMT
last-modified: Tue, 26 Nov 2024 12:09:03 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H/1.1 200
OK cGFkZHlvZmVnYW5zLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
536 B 581ms
528ms XHR
application/json 184.27.209.254
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/cGFkZHlvZmVnYW5zLmNvbQ==

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.27.209.254 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-27-209-254.deploy.static.akamaitechnologies.com

Software

Resource Hash

929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Access-Control-Max-Age: 43200
Cache-Control: max-age=43192
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Connection: keep-alive
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Expires: Wed, 27 Nov 2024 09:13:55 GMT
Access-Control-Allow-Origin: *
Content-Length: 16
Date: Tue, 26 Nov 2024 21:14:03 GMT
Content-Type: application/json; charset=utf-8
x-traceid: 938c45a924d22dac3304e857e073e7c

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 21ms
14ms Image
image/gif 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *, *
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-request-headers: X-OB-STG,X-OB-PRD
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
expires: Thu, 26 Dec 2024 21:14:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/gif
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage

GET sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 4448 0
0

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
280 B 591ms
163ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://paddyofegans.com/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:03 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
157 B 84ms
83ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.30974230395344704&e=1442995%3A300x250%2C300x600%2C160x600%2C300x300%2C250x250%2C120x600%2C240x400%2C300x337%2C250x360%2C300x480%2C300x319%2C300x465%2C300x359%2C300x470%2C300x368%2C300x360%2C300x476%2C300x332%7C0&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
208 B 75ms
69ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 8ef03aa2821420856419cdecde8ffd2a6e1b78e6a16b3009bae7b9b64079d15d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 174
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 13ms
5ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=26270925579

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 348ms
221ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b9fa211ae08032eed28cc81798fcdb9ea315f57c827b8e7e003bb7843157bb3a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 84b5e11a-e56c-4062-bada-6f030d01dfb3
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
211 B 17ms
11ms XHR
text/plain 207.65.34.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:02 GMT
Access-Control-Allow-Credentials: true

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
227 B 549ms
469ms XHR
text/plain 35.156.62.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.62.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-62-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: none
cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain
vary: origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 312 B
651 B 146ms
74ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=557564&zone_id=3500708&size_id=10&alt_size_ids=15%2C48%2C9%2C14&p_pos=atf&rf=https%3A%2F%2Fpaddyofegans.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6907765665133017&rp_schain=1.0%2C1!r2b2.cz%2C3535%2C1%2C%2C%2C&dsarequired=0
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: bde4c886e89be6e665305b4d83f2932800ce6889429166c6c38cae3da651292d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 312
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 321ms
197ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

42320209450988feacdafe4ae776d99717419eb11a69133e90b7b8caf6bda121

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: c06d7da7-1534-4d82-8495-c7840aa9f3cc
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 9ms
4ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=54226147411

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:01 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 76ms
70ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 591ms
482ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 76ms
72ms XHR
text/plain 131.153.206.100
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
x-nbr: 2b
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: origin, accept-encoding, Accept-Encoding
server: envoy

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 597ms
489ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 4ms
2ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 5ms
4ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:02 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

GET
H2 200 cads-generic.min.js Show response
cdn.contextads.live/publishers/ 11 KB
4 KB 55ms
11ms Script
application/javascript 2600:9000:2047:9400:1:420f:ab00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contextads.live/publishers/cads-generic.min.js
Requested by: Host: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/ads/forkmedia.js?v=2.85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2047:9400:1:420f:ab00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b449bbf84168dd9d957e44708e79703e21d9cf8bda1333169a6d7eb8525f609a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-amz-cf-pop: KIX56-C1
content-encoding: gzip
etag: W/"9f1ed657e62b10850b355f3311b73e9f"
age: 52919
via: 1.1 e06dfcdb8abf82709b7aa659a8d098ce.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: CzX907BQGOIKc2u2ttk6PAFsO5QcgZQqhgNIrs5m1yaWDJnuvRjyvg==
date: Tue, 26 Nov 2024 06:32:59 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Thu, 21 Nov 2024 06:30:45 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 1 KB
2 KB 309ms
301ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fadirabet61.com%2F&idx=0&rand=79644&widgetJSId=AR_1&va=true&et=true&format=html&px=315&py=1428&vpd=-382&settings=true&recs=true&cw=640&key=NANOWDGT01&tch=0&adblck=0&abwl=0&activeTab=true&clientType=21&clientVer=20101009&version=20101009&sig=FvJ1H2r8&apv=false&osLang=ja-JP&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fpaddyofegans.com%2F

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f04d2504027f2dc825a14e606e9b4b6edf012bf94b4bd18f43aedf209b57d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/javascript
x-served-by: cache-iad-kjyo7100166-IAD, cache-nrt-rjtf7700040-NRT
x-cache-hits: 0, 0
x-traceid: 488fd2e7b675efa4c15e9653f4003898
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
pragma: no-cache
x-timer: S1732655643.065508,VS0,VE299
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1020
traffic-path: WNDC1, IAD, NRT, ASIA

GET
H2 406 client Show response
cengineapi.contextads.live/ 52 B
172 B 397ms
132ms XHR
application/json 65.0.226.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cengineapi.contextads.live/client?url=https%3A%2F%2Fpaddyofegans.com%2F&device=desktop&product=cads
Requested by: Host: cdn.contextads.live
URL: https://cdn.contextads.live/publishers/cads-generic.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.0.226.243 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-65-0-226-243.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash: 1fb6b8cd8d1e887bd714862d4711d08bf8a280ce06414cfab848bbadf4cd1f5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

access-control-allow-origin: *
content-length: 52
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json; charset=utf-8
vary: Origin

GET cads-paddyofegans.com.min.js
cdn.contextads.live/publishers/v3/paddyofegans.com/ 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5378 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4AD5 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4846 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame 5378 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 5378 70 B
0 1ms
1ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CED9 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C82B 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3635 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame 4AD5 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 4AD5 70 B
0 1ms
1ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame 4846 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 4846 70 B
0 2ms
2ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame CED9 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame CED9 70 B
0 1ms
1ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame C82B 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame C82B 70 B
0 1ms
1ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame 3635 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 3635 70 B
0 1ms
1ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 45E1 0
0 3ms
2ms Document
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-length: 416
content-type: text/html
date: Tue, 26 Nov 2024 21:14:03 GMT
etag: "c0311cf15c21ddda054005e92fad3f9e:1732624656.132877"
expires: Tue, 03 Dec 2024 21:14:03 GMT
last-modified: Tue, 26 Nov 2024 12:09:03 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H/1.1 200
OK l Show response
mcdp-wndc1.outbrain.com/ 2 B
429 B 306ms
103ms Fetch
text/plain 172.179.183.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-wndc1.outbrain.com/l?token=3c4cbe743ab3a2518a1c7bacf804a0c9_0_1732655643245_1&tm=589&eT=0&widgetWidth=640&widgetHeight=0&widgetX=315&widgetY=1429&wRV=20101009&pVis=0&lsd=7e1116eb-3016-4a6d-8d6b-f4cc78298608&eIdx=&cheq=0&rtt=379&oo=false&lo=1157&obreq=561&mvreq=1557&mvres=1936&cet=4g&to=1732655641499&ll=0&chs=8&ab=0&wl=0&retries=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

172.179.183.128 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: content-range
content-encoding: br
access-control-allow-origin: *
content-length: 6
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain; charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-traceid: 72339887f1abfd67b40b22bd62858997

GET
H2 200 obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame E922 0
0 4ms
4ms Document
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 6559
content-type: text/html
date: Tue, 26 Nov 2024 21:14:03 GMT
etag: "e2c93015015d69447ee032a0d40bb959:1726489446.958345"
expires: Tue, 03 Dec 2024 21:14:03 GMT
last-modified: Mon, 16 Sep 2024 12:20:34 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 620 B
338 B 64ms
64ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4255252775906676&correlator=1538100510763108&eid=95344999%2C83320949%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=21622890900%3A11225321%2CID_viva.co.id_res_skinformat_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655643477&lmt=1732351787&adxs=800&adys=45&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpaddyofegans.com%2F&vis=1&psz=1600x0&msz=0x0&fws=132&ohw=1600&td=1&tan=b662163c-7f2d-4dd1-b149-8fd45c04ee6a&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655641570&idt=1030&cust_params=kwblock%3Dtrue%26IAB_Category%3D1020%26url%3D%252F%26ref%3Dnull&adks=680837532&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

faf6f9c8ccfc463d9808bda5efb26ece37498c3cd0a73f737883c23646fdd0ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 309
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
0895f0aa2c467178304330755a52a8b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F63 0
0 75ms
38ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0895f0aa2c467178304330755a52a8b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:03 GMT
expires: Tue, 26 Nov 2024 21:14:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame DA9C 0
0 0ms
0ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 5378 17 KB
13 KB 56ms
55ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

4a2bfab16edf4d89800782d6414b98e4d71260d3b39d352586e551dc8f708a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13212
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5378 643 B
356 B 65ms
65ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=619342638820087&correlator=1658670942528987&eid=83320950%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_300x250_mobile_(viva.co.id)_-_Zero&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x50%7C250x250%7C300x100%7C200x200%7C234x60%7C220x90%7C120x240&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655643515&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=kgtkgjv9m4m8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=0x0&msz=0x0&fws=260&ohw=0&td=1&egid=7353&tan=25bb92ee-fb6f-48ba-a491-d3e72425cdc7&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655643327&idt=167&adks=2074463268&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

71fd4cf6fa2ca8cdb38b91a10abb4d45a4dc5f91c56f0cb3d670ccc5b1e7bd44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 327
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
8eae539367dce3dd3a72a46447c5a1ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 47E4 0
0 47ms
37ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8eae539367dce3dd3a72a46447c5a1ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:03 GMT
expires: Tue, 26 Nov 2024 21:14:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
513 B 311ms
103ms XHR
application/json 172.179.183.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1732655643525&sessionId=1909f1c5-34cc-84a0-4d8a-41753ef89cb8&url=paddyofegans.com&cheqSource=1&cheqEvent=3&responseTime=673

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

172.179.183.128 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
pragma: no-cache
access-control-allow-methods: GET,POST
expires: 0
access-control-allow-origin: *
content-length: 8
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json; charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-traceid: 1241b8a33fa20783798c379f2d556103

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0195 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame AF9F 0
0 0ms
0ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 4AD5 17 KB
13 KB 59ms
52ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

f42f8bb439bceb4ef395118f2d81a8cf454fdd013fac6f187ec3ea5f9c70943f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13125
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4AD5 641 B
358 B 64ms
64ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=952529157251443&correlator=3346078554177615&eid=31088952%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_320x50_mobile_(viva.co.id)_-_Zero&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x50%7C292x30%7C300x31&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655643566&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=l1lrf6v2gk6j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=0x0&msz=0x0&fws=260&ohw=0&td=1&egid=7353&tan=f8ea9647-94bf-4c86-aed8-81b93eecc468&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655643338&idt=211&adks=3221270776&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

5608e528fba224b2aac12b4533d56f744555d9d1cf044a3ab0453edd332c11fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 329
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
c3b1732374ca94e347ee8dc574bf7695.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B0D6 0
0 49ms
37ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c3b1732374ca94e347ee8dc574bf7695.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:03 GMT
expires: Tue, 26 Nov 2024 21:14:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 64D1 0
0 0ms
0ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 4846 17 KB
13 KB 78ms
51ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

be3ce27aecff1097ed5af3844c9d06af60eeea861645a2b5a06a88d2d76133ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13109
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4846 635 B
354 B 60ms
59ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346930639944590&correlator=295492203502519&eid=31089148%2C31086809%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_sticky_(viva.co.id)_-_Sale&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x310%7C300x600%7C300x250%7C300x300%7C336x280%7C970x250%7C728x90%7C1000x310%7C970x210%7C900x250%7C994x250%7C998x200%7C950x300%7C930x180%7C750x100%7C1000x210%7C776x200%7C1000x300%7C1000x250%7C750x200&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655643598&adxs=315&adys=890&biw=1600&bih=1200&isw=970&ish=310&scr_x=0&scr_y=0&btvi=0&ucis=uoh8yr395v1b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=970x310&msz=970x0&fws=260&ohw=970&td=1&egid=7353&tan=1b9da9e9-f9ab-49d6-8dde-0b0d2bf8c110&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655643347&idt=234&adks=2319010200&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

836609f7382201c8ab41d229e67f5c1c911576caa23017e9fa441a2724152896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 325
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
a298434c674fa411777e4938d023c5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 20EE 0
0 79ms
37ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a298434c674fa411777e4938d023c5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:03 GMT
expires: Tue, 26 Nov 2024 21:14:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 4CA9 0
0 1ms
0ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame CED9 17 KB
13 KB 98ms
54ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

4c442a2bcf874e0fc722993b45bb631e51ea585307748d4adacaea630631202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13175
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CED9 636 B
357 B 59ms
58ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2069296394646544&correlator=3167804349035077&eid=31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_300x250_(viva.co.id)_-_Zero&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x50%7C250x250%7C300x100%7C200x200%7C234x60%7C220x90%7C120x240&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655643632&adxs=485&adys=2059&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=3nxp5vq1n80v&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&td=1&egid=7353&tan=a01e62b5-176d-4883-a1be-73fc8c5fed49&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655643365&idt=249&adks=3418095023&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

c42635bf22941628df3170bcd65c32130a2e57a3d0e236902f43150f15edfb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 328
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
0149f852a20148c48665bbfb5d8cb3f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F0A 0
0 78ms
37ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0149f852a20148c48665bbfb5d8cb3f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:03 GMT
expires: Tue, 26 Nov 2024 21:14:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame D3EF 0
0 0ms
0ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame C82B 17 KB
13 KB 115ms
54ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

4e16f5fa2706f39dfa3fe3cb1a85e0a763d1f8a14515a7a84e99f915fe404954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13167
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C82B 634 B
356 B 58ms
57ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=788879484833017&correlator=3594587678597798&eid=31086814%2C31089066%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_320x50_(viva.co.id)_-_Sale&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x50%7C292x30%7C300x31&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655643671&adxs=475&adys=2309&biw=1600&bih=1200&isw=320&ish=50&scr_x=0&scr_y=0&btvi=1&ucis=35skt1kxc9fx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=320x50&msz=320x0&fws=260&ohw=320&td=1&egid=7353&tan=e8c1b07c-56ce-4ab1-a516-a0ea4f5a17af&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655643374&idt=274&adks=2016120414&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

c898e6c17b6d36c822386603c83c4f6cb56481fdbaee31d9edfc34a70df6c06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 327
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
258900d3f0256004d783bfc403da5710.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5CE6 0
0 49ms
37ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://258900d3f0256004d783bfc403da5710.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:03 GMT
expires: Tue, 26 Nov 2024 21:14:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 3070 0
0 0ms
0ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 3635 17 KB
13 KB 121ms
51ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

8f9fb965aba36fce47193b875d52483910dcc233aba8d80fe873779aaa458de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13147
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3635 635 B
355 B 62ms
60ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1964505267532438&correlator=1082542388198720&eid=31083345%2C31085777%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_160x600_(viva.co.id)_-_Sale&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C120x240&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655643716&adxs=555&adys=2359&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=igtys5ejsqg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=160x600&msz=160x0&fws=260&ohw=160&td=1&egid=7353&tan=560cc053-c962-418d-baab-081dae745b43&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655643382&idt=312&adks=390125801&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

195f79d24a870e61cf1a315744117e31656cd898bcaa3392d80cd72b449af656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 326
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
79c873eb841a3c001651f4050b696596.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 47BC 0
0 47ms
37ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://79c873eb841a3c001651f4050b696596.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:03 GMT
expires: Tue, 26 Nov 2024 21:14:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame 0195 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 0195 70 B
0 1ms
1ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 5378 0
0

GET sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 4AD5 0
0

GET
H2 200 yads-async.js Show response
yads.c.yimg.jp/js/ 200 KB
55 KB 16ms
3ms Script
text/javascript 182.22.16.251
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL: https://yads.c.yimg.jp/js/yads-async.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.22.16.251 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software: DragonStorage /
Resource Hash: 0e40fbdfb7a492514bea027d03dcf78a40d3dea6500413a79aa85df804aa549c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
etag: "ee9e13090ecc09c2c41d14086edd58b0"
age: 37
date: Tue, 26 Nov 2024 21:13:26 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Nov 2024 08:02:52 GMT
cache-control: public, max-age=600, stale-while-revalidate=1200
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
ats-carp-promotion: 1
x-amz-request-id: 60ac2dc4-e10a-46cc-a357-ccd6ce9b5047
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges: bytes
content-length: 56257
server: DragonStorage
x-amz-server-side-encryption: AES256

GET
H2 200 prebid-v8.52.1.js Show response
cpt.geniee.jp/hb/v1/lib/ 447 KB
0 0ms
0ms Script
application/javascript 133.186.12.49
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.49 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p049.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 197e9bb0f9f3a4ffd839cd317a7069237f2063571dc5555a169683422b04f25d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=86400, private
content-encoding: gzip
etag: W/"66fb92f7-6fc46"
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Nov 2024 21:14:02 GMT
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 06:13:11 GMT
server: nginx

GET
H2 200 gnshbrequest-v4.6.11.js Show response
cpt.geniee.jp/hb/v1/lib/ 153 KB
56 KB 10ms
9ms Script
application/javascript 133.186.12.49
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v4.6.11.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.49 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p049.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 18dc789f2bad7f30369899fd861232ba5cefe0e97d9851bac4dfa4f930dfdf4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=86400, private
content-encoding: gzip
etag: W/"673afba6-26457"
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Nov 2024 21:14:03 GMT
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 08:32:38 GMT
server: nginx

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
903 B 5ms
4ms Fetch
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241127

Requested by

Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

99f94b5e179c32e6a375c7df32c224fad6786034ca17f29c276e17ec21a55668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"63e-SQyiSNozgpVUijfdOaz2khbe23g"
age: 18792
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-nrt-rjtf7700075-NRT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 831
x-jsd-version: 1.0.2252

GET
H2 200 topicsapi.html
topics.authorizedvault.com/ Frame 65D4 0
0 1ms
1ms Document
text/html 2a02:6ea0:d300::33
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::33 Tokyo, Japan, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=604800
content-encoding: gzip
content-type: text/html
date: Tue, 26 Nov 2024 21:14:02 GMT
etag: W/"b1da2234a554ee8bc6519a75d88402d9"
expires: Sun, 07 Jan 2024 22:30:26 GMT
last-modified: Mon, 26 Jun 2023 15:39:25 GMT
server: CDN77-Turbo
vary: Accept-Encoding
via: 1.1 google
x-77-age: 171770
x-77-cache: HIT
x-77-nzt: EwwBsvnVAQH3+p4CAAwBWbugFQH3FpsAAAwB1GY4EQH3AAAAAA
x-77-nzt-ray: f18b3a1aab117a1b1a3a46675768e510
x-77-pop: tokyoJP
x-goog-generation: 1687793965818864
x-goog-hash: crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1404
x-guploader-uploadid: ABPtcPoZDS7_aCon-JVvX7xEB5qiduXohRxhaUJEcurJnHQA4lh4mfE-NaoMpM1Avb2HKdtYrSbrQ63T

GET
H2 200 topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 7FE6 0
0 0ms
0ms Document
text/html 23.32.224.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=160044
content-encoding: gzip
content-length: 859
content-type: text/html
date: Tue, 26 Nov 2024 21:14:02 GMT
expires: Thu, 28 Nov 2024 17:41:26 GMT
last-modified: Tue, 21 Mar 2023 05:02:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 topics_frame.html
creative-p.undertone.com/spk-public/ Frame F081 0
0 39ms
10ms Document
text/html 2600:9000:2047:a800:10:b8e:a980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creative-p.undertone.com/spk-public/topics_frame.html?bidder=undertone
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2047:a800:10:b8e:a980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 79652
content-encoding: gzip
content-type: text/html
date: Mon, 25 Nov 2024 23:06:32 GMT
etag: W/"da9ad7ee298e6db286cad67335082336"
last-modified: Wed, 21 Feb 2024 13:45:25 GMT
server: AmazonS3
vary: accept-encoding
via: 1.1 c4fefa035d4e095079e2e6d179023316.cloudfront.net (CloudFront)
x-amz-cf-id: VeI0LSbdQ4UPFBFX7rVfTXGS2NNuANg4iv5GeV5q9_VI8ZI3nhFE6g==
x-amz-cf-pop: KIX56-C1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: a.cedyVLVwa.c4ZBAWy8QMPd_T4tR8MS
x-cache: Hit from cloudfront

GET
H2 200 taboola-prebid-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 4638 0
0 1ms
0ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

abp: 32
accept-ranges: bytes
access-control-allow-origin: *
age: 10
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 539
content-type: text/html
date: Tue, 26 Nov 2024 21:14:02 GMT
etag: "3a04a0889d22f29ff26db71b6559fec1"
last-modified: Tue, 20 Feb 2024 14:00:18 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: /1Y0i0JAl6NUj6qgnnwEj19h6UUaLsehqCJMKCUmbl1H1n6lwq+jAZR3pysP1RfGmsuvevM3F8A=
x-amz-replication-status: COMPLETED
x-amz-request-id: MZXH0739VTF4ZNVZ
x-amz-server-side-encryption: AES256
x-amz-version-id: x9X4oBHDSMJ3A3AgD4XG8_3AHqwdsw1t
x-cache: HIT
x-cache-hits: 6
x-served-by: cache-nrt-rjtf7700091-NRT
x-timer: S1732655642.089125,VS0,VE0

GET 6dccbf26-4653-4600-9af9-4c299df92bc1
https://paddyofegans.com/ Frame 0
0

GET 378230d1-2261-4fe3-b33d-b097f7e961c1
https://paddyofegans.com/ Frame 0
0

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
174 B 211ms
69ms Fetch
application/json 103.253.24.61
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.61 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 0
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.14.1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 375 B
409 B 74ms
73ms Fetch
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10724&site_id=169060&zone_id=3612794&size_id=15&alt_size_ids=13%2C14%2C16&rp_schain=1.0,1!genieesspv.jp,0,1,,,&eid_criteo.com=wgVUB19KMmRWNEh5MGUzOUVRcUJpWEo3bDBKRjdVMWNXS1VPb0JmQUN1TyUyRjJsTG8lMkZ4QWJ3c2U5JTJCd2NhN2VwY0REYUZudEhwUUs0bWpMNzhESWNhJTJCVEVsakR3JTNEJTNE%5E1&eid_pubcid.org=44dc169e-9f3b-41ad-b511-0017602b9b3b%5E1&rf=https%3A%2F%2Fpaddyofegans.com%2F&kw=index%2Cfollow%2Cadirabet%2Cadirabetslot%2Cadirabelogin%2Csetyobudiyanto%2Cdpr%2Ckpk&tg_i.domain=paddyofegans.com&tg_i.page=https%3A%2F%2Fpaddyofegans.com%2F&tk_flint=pbjs_lite_v8.52.1&l_pb_bid_id=435bb376164027&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.5442409121057803
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 19a2c3304531b50550fa9626f5387557cb2c8b6014eba624ef22e485416280ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 375
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
222 B 47ms
45ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 7a9ce12caa7711c118b895afea409ac2364c1bbebbac564aad00c0888021f9a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
x-forwarded-for: 146.70.201.215
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/plain
vary: Origin

POST
H2 200 v1 Show response
prg-apac.smartadserver.com/prebid/ 1 KB
1 KB 194ms
189ms Fetch
application/json 23.106.127.34
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.34 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: e29dcde844b6d66ec6151e53486a87d44d82c819bbc43c178ad08a34eb1e1b92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/2060/ 64 KB
22 KB 33ms
2ms Script
application/javascript 23.52.168.23
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/2060/smart.js
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.168.23 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-52-168-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 331b630c02c679387d8ad27d215690e546ce696be367b6b0c386a9c2e6285c7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

Cache-Control: public, max-age=7200
Content-Encoding: gzip
Connection: keep-alive
Expires: Tue, 26 Nov 2024 23:14:03 GMT
Content-Length: 22643
Date: Tue, 26 Nov 2024 21:14:03 GMT
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding

GET
H2 200 syncframe
gum.criteo.com/ Frame 645A 0
0 7ms
3ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=paddyofegans.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 903826
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 4846 0
0

GET sodar2.js
ep2.adtrafficquality.google/sodar/ Frame CED9 0
0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame C209 0
0 0ms
0ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 0195 17 KB
13 KB 52ms
52ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

d00ab33f6c576c5e36dbb9b17b106daecfc4968dd26bfc5de61ae48f52765158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13121
date: Tue, 26 Nov 2024 21:14:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0195 635 B
352 B 59ms
59ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1904248662076451&correlator=1672087077410347&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_300x600_(viva.co.id)_-_Zero&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300%7C160x600%7C250x250%7C120x600%7C240x400%7C300x337%7C250x360%7C300x480%7C300x319%7C300x465%7C300x359%7C300x470%7C300x368%7C300x360%7C300x476%7C300x332&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655643922&adxs=485&adys=1459&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=jg8laboh8e5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=300x600&msz=300x0&fws=260&ohw=300&td=1&egid=7353&tan=f1615df9-8d1e-47f0-80de-2991c78796f9&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655643537&idt=356&adks=3207003500&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

2aeabedf81a09caa32835518eef0cad17d2e8e3ac58e1898e72b665cd1c371c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 323
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
488e4f192ad925b4a575ad2fc52cc3d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B8A7 0
0 48ms
38ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://488e4f192ad925b4a575ad2fc52cc3d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:03 GMT
expires: Tue, 26 Nov 2024 21:14:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET sodar2.js
ep2.adtrafficquality.google/sodar/ Frame C82B 0
0

GET sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 3635 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 4846 0
0

GET
BLOB 206
Partial Content 4e045f3d-12b5-4e81-9eaf-db73bafd8214
https://paddyofegans.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://paddyofegans.com/4e045f3d-12b5-4e81-9eaf-db73bafd8214
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Type: video/mp4
Content-Range: bytes 0-1492/1493
Content-Length: 1493

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 0195 18 KB
0 0ms
0ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
209 B 74ms
73ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 0e52f4ec0cf643b8c59da7d18ac189447d5c5eb1e127dcf0fca48f2ede840db3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 175
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
157 B 84ms
83ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.7440840049153046&e=1443519%3A300x250%2C728x90%2C300x600%2C970x250%2C970x310%2C300x300%2C336x280%2C1000x310%2C970x210%2C900x250%2C994x250%2C998x200%2C950x300%2C930x180%2C750x100%2C1000x210%2C776x200%2C1000x300%2C1000x250%2C750x200%7C0&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 4ms
3ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=59615710819

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 162ms
161ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

808017caa663b06be775557aa150a78f82c5570d5ad682c4fd6fd9fdfcb7c67f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 5b17c21f-a5bb-4692-a392-7a9c2d41e861
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:04 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
211 B 9ms
8ms XHR
text/plain 207.65.34.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:02 GMT
Access-Control-Allow-Credentials: true

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
227 B 244ms
243ms XHR
text/plain 35.156.62.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.62.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-62-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: none
cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/plain
vary: origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 312 B
368 B 73ms
73ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=557564&zone_id=3500676&size_id=94&alt_size_ids=57%2C10%2C15%2C2&p_pos=atf&rf=https%3A%2F%2Fpaddyofegans.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6837489306671627&rp_schain=1.0%2C1!r2b2.cz%2C3535%2C1%2C%2C%2C&dsarequired=0
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: be2538b4cc7a24872e2d4b15b4e0848f03bef80066ea8ca278ebe7b21aac48e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 312
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 4ms
3ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=8183520732

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 140ms
139ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

61ee5fef28d2e392ccbacd1a2f0f3a3f54b898e024c234ddbd35d0a0045c51dd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: e4c3b0da-60fd-4491-95a5-91e4c731d00c
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:04 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 72ms
71ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 244ms
244ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
41 B 72ms
71ms XHR
text/plain 131.153.206.100
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
x-nbr: 2b
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: origin, accept-encoding, Accept-Encoding
server: envoy

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 248ms
246ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

GET
H2 200 topics.js Show response
ced-ns.sascdn.com/diff/js/modules/ 10 KB
3 KB 35ms
5ms Script
application/x-javascript 192.229.237.180
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/modules/topics.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.180 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/73C8) /
Resource Hash: af005746e99b6b5e3721759fc55588fddcb000a054990ad799ea309adffa5a04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "b5228c416b8e80db61b64afe15dbdd77:1727944397.510969"
age: 43209
accept-ranges: bytes
x-cache: HIT
content-length: 3341
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: application/x-javascript
last-modified: Thu, 03 Oct 2024 08:30:16 GMT
server: ECS (tkb/73C8)
vary: Accept-Encoding

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
157 B 83ms
83ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.17092263174780364&e=1443007%3A320x50%2C300x50%2C292x30%2C300x31%7C0&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
208 B 75ms
72ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: b36cbc26fff216753d23ddb64c13cc99dcd0aadf165faac09185ffe97964c345

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 174
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 5ms
2ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=77313961555

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 150ms
147ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

3b6365915c2f81b09abd7b3749f5e61e3d65451800201413827014728932ffc9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 5ffb7696-7090-4307-aced-407dfe50ff5f
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:04 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
211 B 9ms
8ms XHR
text/plain 207.65.34.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:02 GMT
Access-Control-Allow-Credentials: true

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
227 B 241ms
238ms XHR
text/plain 35.156.62.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.62.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-62-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: none
cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/plain
vary: origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 304 B
338 B 75ms
73ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=557564&zone_id=3500730&size_id=43&alt_size_ids=44&p_pos=atf&rf=https%3A%2F%2Fpaddyofegans.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9837863056922245&rp_schain=1.0%2C1!r2b2.cz%2C3535%2C1%2C%2C%2C&dsarequired=0
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 5646e62d6808b7325b68722ba8bc9c8b31684ff4929e920a1f4b7b8b6658f66c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 304
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 173ms
166ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

cde8b6a5f5fb1895f68d6fcc846070360a5ee4c391ed0d2c8696c9ff795d9c57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 09e592da-dfba-4e9b-b183-6786434944bd
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:04 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 9ms
2ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=66104666608

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 77ms
70ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 247ms
240ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 78ms
70ms XHR
text/plain 131.153.206.100
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
x-nbr: 2b
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: origin, accept-encoding, Accept-Encoding
server: envoy

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 250ms
242ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
207 B 80ms
73ms XHR
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a67d9e9e9338d73bd1575e3f219948a095b8b97fb3554311b28653b01f889afb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 173
x-prebid: pbs-java/3.15.0
content-type: application/json
vary: origin

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ 2 B
157 B 88ms
83ms XHR
text/plain 64.120.110.137
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/76d41/1/paddyofegans.com/ROS?rnd=0.6205166873675643&e=1443051%3A160x600%2C120x600%2C120x240%7C0&ur=https%3A%2F%2Fpaddyofegans.com%2F&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-sid: SIN-596
access-control-allow-origin: https://paddyofegans.com
content-length: 2
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/plain
server: openresty
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 11ms
5ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=91433999854

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 162 B
1 KB 148ms
142ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

5cd78e7d225f3516a3530ef8044df661d4431d9990b3f53d579005a4afb217e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: cf2556dd-85c0-467b-8fe1-02915855a162
content-length: 162
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:04 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
211 B 12ms
7ms XHR
text/plain 207.65.34.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:03 GMT
Access-Control-Allow-Credentials: true

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
227 B 430ms
423ms XHR
text/plain 35.156.62.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.62.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-62-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: none
cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/plain
vary: origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 302 B
335 B 78ms
74ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=557564&zone_id=3520658&size_id=9&alt_size_ids=8&p_pos=atf&rf=https%3A%2F%2Fpaddyofegans.com%2F&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.12231768630237605&rp_schain=1.0%2C1!r2b2.cz%2C3535%2C1%2C%2C%2C&dsarequired=0
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: eab9b5898ef60613d8c1ad893d2e8f58083910374eaa2462f0a1c146fa250cb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://paddyofegans.com
content-length: 302
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebid Show response
r2b2-apac.adnxs.com/ut/v3/ 161 B
1 KB 146ms
142ms XHR
application/json 103.43.90.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-apac.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.149 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

bf8cfa06c78d1b9b145322f73be40e48199dc5dbf391e4d55a8c267a4f13b4b3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 608.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
an-x-request-uuid: 34f5e4e1-f7ec-4a27-9aaf-8c82db3889a1
content-length: 161
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:04 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 8ms
3ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=77280419631

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 75ms
70ms XHR
application/json 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 253ms
248ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 74ms
69ms XHR
text/plain 131.153.206.100
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
x-nbr: 2b
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: origin, accept-encoding, Accept-Encoding
server: envoy

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 266ms
261ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 5ms
2ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
0 1ms
1ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=31104000, public
timing-allow-origin: *
etag: "493ea254-2b"
cross-origin-resource-policy: cross-origin
expires: Fri, 21 Nov 2025 21:14:02 GMT
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/gif
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
0 2ms
2ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: paddyofegans.com
URL: https://paddyofegans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: max-age=31104000, public
timing-allow-origin: *
etag: "493ea254-2b"
cross-origin-resource-policy: cross-origin
expires: Fri, 21 Nov 2025 21:14:02 GMT
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: image/gif
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 4ms
2ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 4ms
2ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 5ms
3ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 6ms
3ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:03 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 5ms
3ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paddyofegans.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

GET
H2 200 topics_frame.html
ced-ns.sascdn.com/diff/js/assets/ Frame 1537 0
0 261ms
4ms Document
text/html 192.229.237.180
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/assets/topics_frame.html
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.180 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/73C9) /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 72684
cache-control: max-age=86400
content-encoding: gzip
content-length: 154
content-type: text/html
date: Tue, 26 Nov 2024 21:14:04 GMT
etag: "f0d2e72b7a1131e32549d3713c834900:1715760824.259072"
last-modified: Wed, 15 May 2024 08:11:55 GMT
server: ECS (tkb/73C9)
vary: Accept-Encoding
x-cache: HIT

OPTIONS
H2 204 genericpost
www18.smartadserver.com/ Frame 0
0 278ms
84ms Preflight 23.106.127.161
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/genericpost
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.161 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data,traceparent,tracestate
Access-Control-Request-Method: POST
Origin: https://paddyofegans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data,traceparent,tracestate
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:04 GMT
vary: Origin

POST
H2 200 genericpost Show response
www18.smartadserver.com/ 22 B
697 B 99ms
98ms XHR
application/javascript 23.106.127.34
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.34 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: e44c51c44d98e56e70bfdd2a2a9fe73171015812ac7cdb4ce599b66f92b8fde1

Request headers

traceparent: 00-e6d9bfe6247aeeadc1ee9275498b5cd3-2cfe3a5e166807ec-00
Save-Data: off
Referer: https://paddyofegans.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/javascript
tracestate: eqtv-source=smartjs

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Origin

GET
H3 200 /
c.mgid.com/pv/ 43 B
205 B 163ms
157ms Image
image/gif 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fpaddyofegans.com%2F&cbuster=1732655644090113022377&pvid=1936a52fdba9d44ff5c&implVersion=17&cxurl=https%3A%2F%2Fadirabet61.com%2F&site=524861&cid=1006337&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e8ce2cf9fa2d78b-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: image/gif
server: cloudflare

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 21ms
14ms Image
image/svg+xml 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"617c205137825561208ef7c1a2d8f319"
age: 2660
expires: Wed, 27 Nov 2024 21:14:04 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
vary: Accept-Encoding
x-amz-id-2: YD8eSaAKRlSK8UQJymAA5tT1nGvz1bCouM3cwFyEgNAl7scsycqJf659cLJIP56xWrPrlhjuvTw=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
x-amz-request-id: GHSNDPYV5MP6K2YT
cf-ray: 8e8ce2d09918d78b-NRT
access-control-allow-origin: *
server: cloudflare

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 16ms
9ms Image
image/svg+xml 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: paddyofegans.com
URL: https://paddyofegans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
age: 1379
expires: Wed, 27 Nov 2024 21:14:04 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
vary: Accept-Encoding
x-amz-id-2: +N3Z0N/Kshclq4jrPKvmLy+mk3tyCyKUgB1N6zUHLdp5CEMwgXaY+pQ+tginQdiLJ7oicjWISEM=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
x-amz-request-id: 7B7HQBNSZ90QJPRT
cf-ray: 8e8ce2d09915d78b-NRT
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 50BE 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A8F4 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
280 B 319ms
317ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://paddyofegans.com/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:04 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame 50BE 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 50BE 70 B
0 0ms
0ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame A8F4 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame A8F4 70 B
0 0ms
0ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6AD7 0
0 0ms
0ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 50BE 17 KB
13 KB 53ms
53ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

4810b8d81284695b488aa86277d3e08f3e4ef1f920a516beb2e768843f707162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13394
date: Tue, 26 Nov 2024 21:14:04 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 50BE 522 B
267 B 62ms
62ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=697321191536253&correlator=2355537584395315&eid=31088726%2C31089065%2C83320949%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_sticky_(viva.co.id)_-_Zero&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x310%7C300x600%7C300x250%7C300x300%7C336x280%7C970x250%7C728x90%7C1000x310%7C970x210%7C900x250%7C994x250%7C998x200%7C950x300%7C930x180%7C750x100%7C1000x210%7C776x200%7C1000x300%7C1000x250%7C750x200&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655644378&adxs=315&adys=890&biw=1600&bih=1200&isw=970&ish=310&scr_x=0&scr_y=0&btvi=0&ucis=ezc8me6rklpo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=970x310&msz=970x0&fws=260&ohw=970&td=1&egid=7353&tan=629908ca-c507-454d-b68b-a00d926788e1&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655644313&idt=48&adks=2425369784&frm=23&eo_id_str=ID%3D6f15a1cafde1785c%3AT%3D1732655643%3ART%3D1732655643%3AS%3DAA-AfjZyN65wLa4AXlJPAfZsmqCi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

d1a435737d207bb8a6286f7cc55eeaee8268ac83b3b94e3b3c5115b0952ac8e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 238
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
523d35f3b6d84a8f23c17db7b4f92b4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 088D 0
0 44ms
37ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://523d35f3b6d84a8f23c17db7b4f92b4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:04 GMT
expires: Tue, 26 Nov 2024 21:14:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame A942 0
0 1ms
0ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame A8F4 17 KB
13 KB 74ms
53ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

8b64d0e7aba46a94cfe25ce238945742d8bca02db181f2b29cb89b950fe30669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13156
date: Tue, 26 Nov 2024 21:14:04 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A8F4 521 B
267 B 58ms
58ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1633943182902391&correlator=1231868676216682&eid=83320950&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_320x50_(viva.co.id)_-_Zero&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x50%7C292x30%7C300x31&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655644411&adxs=1675&adys=1460&biw=1600&bih=1200&isw=320&ish=50&scr_x=0&scr_y=0&btvi=1&ucis=re43njyh0ghh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=320x50&msz=320x0&fws=260&ohw=320&td=1&egid=7353&tan=d1eb0218-adaa-4881-b442-094d10743ba0&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655644321&idt=73&adks=3683079676&frm=23&eo_id_str=ID%3D6f15a1cafde1785c%3AT%3D1732655643%3ART%3D1732655643%3AS%3DAA-AfjZyN65wLa4AXlJPAfZsmqCi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

d68741fa7391792ece329749d6a2f2621a22e6cd5d32a35995ddb2839cb2793b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 238
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
124e66e75d2bbd3ab7884a0aaef82fd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF49 0
0 75ms
36ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://124e66e75d2bbd3ab7884a0aaef82fd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:04 GMT
expires: Tue, 26 Nov 2024 21:14:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 viva.co.id.13.js Show response
js.content-rec.com/ 22 KB
6 KB 33ms
11ms Script
text/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.content-rec.com/viva.co.id.13.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db787c2c73ad2f3be8bffc511bae84670c56adf3dfed13bd33c3a03624b365bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "ef68df7838443454af2868fd9a4e03e2"
x-amz-version-id: QwMo9ac5aG6FjytmSA3ujoo6ADHp0Vz0
age: 4675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gnh1y3s%2BusBpuYQJCaN1H84gqYQMz%2Bw7%2FPvaQusdbp6FxDCCe8oIhDKg44lrNN4TUSlRmRJMuD5ylWFXwq%2Bs2koqJosB8i%2BpfqSa2Q%2BbZYuoWmQX2O140f5n945A%2FgxZ9%2FsStqA%3D"}],"group":"cf-nel","max_age":604800}
traceparent: 00-53a21bfec976204d7276cca67307be1c-edb318bee7d4c9ce-01
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1404&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4249&recv_bytes=5624&delivery_rate=486114&cwnd=12000&unsent_bytes=0&cid=a086c641787be481&ts=18&x=1", cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/javascript
last-modified: Fri, 24 Mar 2023 07:10:56 GMT
vary: Accept-Encoding
x-amz-id-2: Vvh4W6g+QgQioHB3x/ZqmdYdtpRS3eTVGPqR0w7JGXJULNqGOrjm1LbTIuFQwGynsUfcUr5hatf9pAU/ORxAtg==
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-id: cc1-hw-edge-gc12
x-id-fe: cc1-hw-edge-gc22
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0BM4DFFY5Z5X1MBW
cf-ray: 8e8ce2d1c886afc9-NRT
accept-ranges: bytes
content-length: 5337
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 50BE 18 KB
0 0ms
0ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 1 Show response
servicer.mgid.com/1006337/ 87 B
297 B 93ms
86ms Script
application/x-javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1006337/1?nocmp=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&w=0&h=-1&sz=0x0&szp=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15&szl=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15&sessionId=67463a1c-0395d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fpaddyofegans.com%2F&cbuster=173265564444948519712&pvid=1936a52fdba9d44ff5c&implVersion=17&cxurl=https%3A%2F%2Fadirabet61.com%2F&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&ogtitle=ADIRABET%20Login%20Pusat%20Raja%20Slot%20Gampang%20Maxwin%20Pragmatic%20Play&uniqId=0a43b&childs=1503742&gptbid=1514363&niet=4g&nisd=false&jsp=head&pv=5&lct=1731987000&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=ad6ab10a&apt=1&tfre=2881

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e147a75b08439cda03886851d5de1d5b5d7163b13ae8f638697f2dc4489cf572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e8ce2d1dae0d78b-NRT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 4BF4 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame E363 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 50BE 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7FDD 107 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 883 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33304
x-xss-protection: 0
server: cafe

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame A8F4 18 KB
0 0ms
0ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame 7FDD 492 KB
0 0ms
0ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 2108
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 20:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 20:38:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 7FDD 70 B
0 0ms
0ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paddyofegans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 62
date: Tue, 26 Nov 2024 21:14:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 7B8E 0
0 1ms
1ms Document
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:30 GMT
expires: Tue, 26 Nov 2024 21:46:30 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 7FDD 17 KB
13 KB 56ms
55ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

49821ff86d7c7a501316e75f5d7b1a0247d2dba9fc209a9221451d784bce7f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13372
date: Tue, 26 Nov 2024 21:14:04 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 7FDD 523 B
0 59ms
59ms Fetch
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2347994132616287&correlator=3759731726042676&eid=31088952&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=187332344%3A11225321%2Cgeneric_160x600_(viva.co.id)_-_Zero&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C120x240&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Ddbbe56b4ca227fd8%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ&gpic=UID%3D00000f9fbd5dd2c6%3AT%3D1732655642%3ART%3D1732655642%3AS%3DALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA&abxe=1&dt=1732655644533&adxs=1755&adys=1460&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=y3hcjiefig9a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fpaddyofegans.com%2F&top=paddyofegans.com&vis=1&psz=160x600&msz=160x0&fws=260&ohw=160&td=1&egid=7353&tan=4d17d8a5-16e0-4060-894b-4fe48a4eae20&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732655644481&idt=34&adks=3686055976&frm=23&eo_id_str=ID%3D6f15a1cafde1785c%3AT%3D1732655643%3ART%3D1732655643%3AS%3DAA-AfjZyN65wLa4AXlJPAfZsmqCi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 26 Nov 2024 21:14:04 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://paddyofegans.com
content-length: 238
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
022d54c880901c78833bc7e5a486d0b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 22F3 0
0 49ms
37ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://022d54c880901c78833bc7e5a486d0b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:04 GMT
expires: Tue, 26 Nov 2024 21:14:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 7FDD 18 KB
0 0ms
0ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 48C1 0
0 6ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:26:40 GMT
expires: Tue, 26 Nov 2024 21:16:40 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET aframe
www.google.com/recaptcha/api2/ Frame 7541 0
0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B18EE06566924C3CB13E6AB8E81F2917&RedC=c.clarity.ms&MXFR=3E01E4087F426ABA19D4F14B7B4264CC
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18EE06566924C3CB13E6AB8E81F2917&MUID=24B3639FCC3A6B7722A776DCCD406AD8

42 B
442 B

20ms
20ms

Image
image/gif

52.231.230.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18EE06566924C3CB13E6AB8E81F2917&MUID=24B3639FCC3A6B7722A776DCCD406AD8
Protocol: H2
Server: 52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "58964c231919db1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Tue, 26 Nov 2024 21:14:05 GMT
content-type: image/gif
last-modified: Tue, 08 Oct 2024 00:29:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18EE06566924C3CB13E6AB8E81F2917&MUID=24B3639FCC3A6B7722A776DCCD406AD8
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5CFE376339BC48AD91E1945D374FB2DD Ref B: TYBEDGE0310 Ref C: 2024-11-26T21:14:05Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Tue, 26 Nov 2024 21:14:05 GMT
x-powered-by: ASP.NET

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 56ms
55ms XHR
application/json 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

95916e3c376c55b7d1540b54af0e8cd45d764de4a50a3993687e268b0a0c69d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13272
date: Tue, 26 Nov 2024 21:14:05 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 404 favicon-32x32.png
paddyofegans.com/ 263 B
336 B 12ms
11ms Other
text/html 15.168.174.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://paddyofegans.com/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.168.174.130 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-168-174-130.ap-northeast-3.compute.amazonaws.com
Software: Apache /
Resource Hash: e2cb916303431f6fca1769b804ef807d6dbf0bc63b4f4117ccc538d77c78a5ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-length: 263
date: Tue, 26 Nov 2024 21:14:05 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 404 favicon-16x16.png
paddyofegans.com/ 263 B
291 B 12ms
11ms Other
text/html 15.168.174.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://paddyofegans.com/favicon-16x16.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.168.174.130 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-168-174-130.ap-northeast-3.compute.amazonaws.com
Software: Apache /
Resource Hash: e2cb916303431f6fca1769b804ef807d6dbf0bc63b4f4117ccc538d77c78a5ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-length: 263
date: Tue, 26 Nov 2024 21:14:05 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 404 favicon-48x48.png
paddyofegans.com/ 263 B
291 B 11ms
11ms Other
text/html 15.168.174.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://paddyofegans.com/favicon-48x48.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.168.174.130 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-168-174-130.ap-northeast-3.compute.amazonaws.com
Software: Apache /
Resource Hash: e2cb916303431f6fca1769b804ef807d6dbf0bc63b4f4117ccc538d77c78a5ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-length: 263
date: Tue, 26 Nov 2024 21:14:05 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 404 favicon-96x96.png
paddyofegans.com/ 263 B
291 B 11ms
10ms Other
text/html 15.168.174.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://paddyofegans.com/favicon-96x96.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.168.174.130 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-168-174-130.ap-northeast-3.compute.amazonaws.com
Software: Apache /
Resource Hash: e2cb916303431f6fca1769b804ef807d6dbf0bc63b4f4117ccc538d77c78a5ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-length: 263
date: Tue, 26 Nov 2024 21:14:05 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 404 favicon-144x144.png
paddyofegans.com/ 263 B
291 B 10ms
9ms Other
text/html 15.168.174.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://paddyofegans.com/favicon-144x144.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.168.174.130 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-168-174-130.ap-northeast-3.compute.amazonaws.com
Software: Apache /
Resource Hash: e2cb916303431f6fca1769b804ef807d6dbf0bc63b4f4117ccc538d77c78a5ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-length: 263
date: Tue, 26 Nov 2024 21:14:05 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
0 0ms
0ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 21:14:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:14:03 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 6548 0
0 1ms
1ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:26:40 GMT
expires: Tue, 26 Nov 2024 21:16:40 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame BEFF 0
0 43ms
41ms Document
text/html 142.251.42.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.196 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zvIyNkmxcdjrriadzRkxDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zvIyNkmxcdjrriadzRkxDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:05 GMT
expires: Tue, 26 Nov 2024 21:14:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 favicon-192x192.png
paddyofegans.com/ 263 B
291 B 12ms
11ms Other
text/html 15.168.174.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://paddyofegans.com/favicon-192x192.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.168.174.130 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-168-174-130.ap-northeast-3.compute.amazonaws.com
Software: Apache /
Resource Hash: e2cb916303431f6fca1769b804ef807d6dbf0bc63b4f4117ccc538d77c78a5ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

content-length: 263
date: Tue, 26 Nov 2024 21:14:05 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

POST
H2 200 events Show response
track.us.org/ 19 B
603 B 584ms
578ms XHR
text/javascript 185.59.208.177
VSHOSTING VSHosti...

General

Check archive.org

Show headers Download Go to

Full URL: https://track.us.org/events?u=https%3A%2F%2Fpaddyofegans.com%2F
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING VSHosting s.r.o., CZ),
Reverse DNS: webgarden-track-lb-ha.vshosting.cz
Software: nginx /
Resource Hash: 62e9a2d90981412507e62bb2d22400a41d76d187fbc81f702f9bed24fa77922d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 1
cache-control: post-check=0, pre-check=0; max-age=0, no-cache, must-revalidate, proxy-revalidate, private
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
expires: Tue, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date: Tue, 26 Nov 2024 21:14:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Tue, 26 Nov 2024 21:14:06 GMT
access-control-allow-headers: X-Requested-With,origin,content-type,accept,accept-encoding,accept-language

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
280 B 162ms
161ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://paddyofegans.com/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://paddyofegans.com
Date: Tue, 26 Nov 2024 21:14:06 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 3ms
2ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaddyofegans.com%2F&domain=paddyofegans.com&bundle=rpwXo19SdlVVTTIxQ3E2RDdZNUVYMVU1UTdGZGZFVThmTjNUZHFZczd6clpyYmlXN0U5TE5DbXhmcHdIZSUyRjBWRkhrJTJCbnZFOFdaJTJCakNraWRrMWZnbUpwRko2dGp3QzJoQmZkVnpMMk9HSFlKRHFVeXFyVFRRRVlzT2JIY01qYlc2U20yNw&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://paddyofegans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://paddyofegans.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 26 Nov 2024 21:14:07 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 228327
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaddyofegans.com%2F&domain=paddyofegans.com&bundle=rpwXo19SdlVVTTIxQ3E2RDdZNUVYMVU1UTdGZGZFVThmTjNUZHFZczd6clpyYmlXN0U5TE5DbXhmcHd...
https://mug.criteo.com/sid?cpp=asHnD3xCQXRzeDgyZXhXaFVIOTdtQjI0L3R2NHZQak9DK0hFTTJEMU1DVG5qMnlXZVpGNk5SaE8xMkN3NHdBS2hPV3dzNXhKRWVGZ1QxSVYyWW9Ia051WXVPRE1TRHVwOEQ3akg3djlJSnpCTGVUd0hSNXZ2TzduVXVHZF...

447 B
1 KB

3ms
3ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=asHnD3xCQXRzeDgyZXhXaFVIOTdtQjI0L3R2NHZQak9DK0hFTTJEMU1DVG5qMnlXZVpGNk5SaE8xMkN3NHdBS2hPV3dzNXhKRWVGZ1QxSVYyWW9Ia051WXVPRE1TRHVwOEQ3akg3djlJSnpCTGVUd0hSNXZ2TzduVXVHZFJJTE41dEdGbnhZNGZvNE1XT0YwaFBtY0VVTmphVTlvamsrS1NEeFp3Y1UrYzFNNzFxOFhqb1FXU0hBZVRCQUwrS012cFp3ZDJ4VFFVc0xVSk9acXJSd1crRzFCeE5GZnpFZFZHeW50cXJ2Qi9iSzFNM3VZV2QzMHowRzY5RWI2L2Fza2s4Q2swOWVBSVNUTzE1NHROWExyRUV5dFZEVERPWFl4RVN2M2w0U0Z2RlJiMFltb01JZkx3a2JCc21JWXJkTGZGbUhiYXViWisvN0NYR1E4R216SHduejRaZXc9PXw&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

273057259a519b357ba80d39e6d9494c10a6e34fa2f32521027632311cd1c32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 620936
expires: 0
access-control-allow-origin: null
date: Tue, 26 Nov 2024 21:14:06 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
location: https://mug.criteo.com/sid?cpp=asHnD3xCQXRzeDgyZXhXaFVIOTdtQjI0L3R2NHZQak9DK0hFTTJEMU1DVG5qMnlXZVpGNk5SaE8xMkN3NHdBS2hPV3dzNXhKRWVGZ1QxSVYyWW9Ia051WXVPRE1TRHVwOEQ3akg3djlJSnpCTGVUd0hSNXZ2TzduVXVHZFJJTE41dEdGbnhZNGZvNE1XT0YwaFBtY0VVTmphVTlvamsrS1NEeFp3Y1UrYzFNNzFxOFhqb1FXU0hBZVRCQUwrS012cFp3ZDJ4VFFVc0xVSk9acXJSd1crRzFCeE5GZnpFZFZHeW50cXJ2Qi9iSzFNM3VZV2QzMHowRzY5RWI2L2Fza2s4Q2swOWVBSVNUTzE1NHROWExyRUV5dFZEVERPWFl4RVN2M2w0U0Z2RlJiMFltb01JZkx3a2JCc21JWXJkTGZGbUhiYXViWisvN0NYR1E4R216SHduejRaZXc9PXw&cppv=2
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 316524
expires: 0
access-control-allow-origin: https://paddyofegans.com
content-length: 0
date: Tue, 26 Nov 2024 21:14:06 GMT
server: Kestrel

GET
H/1.1 200
OK pid Show response
sync6.im-apps.net/3929/ 76 B
341 B 38ms
20ms Fetch
application/json 2600:140b:400::172d:33d9
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync6.im-apps.net/3929/pid
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400::172d:33d9 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 326d3ca73f150a2ffc51fef708885bd7198bd9120d3690ed38544da7b023bd7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://paddyofegans.com/

Response headers

Access-Control-Allow-Origin: https://paddyofegans.com
Cache-Control: private, max-age=1800
Content-Length: 76
Date: Tue, 26 Nov 2024 21:14:07 GMT
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 pd
genieeintl-d.openx.net/w/1.0/ Frame 9887 0
0 89ms
81ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://genieeintl-d.openx.net/w/1.0/pd
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Tue, 26 Nov 2024 21:14:06 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET /
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame F6D8 0
0

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame C2B0 0
0 14ms
3ms Document
text/html 23.2.37.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v8.52.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.37.82 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-37-82.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 21:14:07 GMT
etag: "2052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1272385036004987266&gdpr=0&gdpr_consent=

43 B
329 B

89ms
89ms

Image
image/gif

23.106.50.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1272385036004987266&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:06 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1272385036004987266&gdpr=0&gdpr_consent=
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Tue, 26 Nov 2024 21:14:07 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET

dcm
aax-eu.amazon-adsystem.com/s/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=4594752745451248294&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=4594752745451248294&gdpr=0&gdpr_consent=&dcc=t

0
0

GET
H2

200

gjIEMT18
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...

85 B
171 B

3ms
2ms

Image
image/png

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Z0Y6HwAHseRzEAAX
Protocol: H2
Server: 151.101.66.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

x-robots-tag: noindex
cache-control: no-cache
x-timer: S1732655647.280328,VS0,VE0
age: 3395
pragma: no-cache
via: 1.1 varnish
accept-ranges: bytes
x-cache: HIT
content-length: 85
date: Tue, 26 Nov 2024 21:14:07 GMT
content-type: image/png
x-served-by: cache-nrt-rjtf7700024-NRT
server: Jetty(9.4.35.v20201120)
x-cache-hits: 5193

Redirect headers

x-robots-tag: noindex
cache-control: no-cache
location: https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Z0Y6HwAHseRzEAAX
x-timer: S1732655647.115327,VS0,VE162
pragma: no-cache
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
content-length: 0
date: Tue, 26 Nov 2024 21:14:07 GMT
x-served-by: cache-nrt-rjtf7700024-NRT
server: Jetty(9.4.35.v20201120)
x-cache-hits: 0

GET
H2

200

redir
rtb-csync.smartadserver.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AAJaFE7OjHQAABYCouWpiA&partnerid=127&gdpr=0

43 B
334 B

215ms
90ms

Image
image/gif

23.106.50.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partneruserid=AAJaFE7OjHQAABYCouWpiA&partnerid=127&gdpr=0
Protocol: H2
Server: 23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:07 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://rtb-csync.smartadserver.com/redir?partneruserid=AAJaFE7OjHQAABYCouWpiA&partnerid=127&gdpr=0
Content-Length: 0
Date: Tue, 26 Nov 2024 21:14:07 GMT
Server: gunicorn
Connection: keep-alive

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=jk93B9FwyALU&ev=1&pid=560288&gdpr_consent=&gdpr=0

43 B
346 B

88ms
88ms

Image
image/gif

23.106.50.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=jk93B9FwyALU&ev=1&pid=560288&gdpr_consent=&gdpr=0
Protocol: H2
Server: 23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:07 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=jk93B9FwyALU&ev=1&pid=560288&gdpr_consent=&gdpr=0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-54cfdf9fc4-mwh7v
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: ja-JP
server: Jetty(10.0.14)

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 2ms
1ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 26 Nov 2024 21:14:07 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 176641
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET loaduser
traid.jixie.io/api/ 0
0

GET
H2 200 newid Show response
traid.jixie.io/api/ 52 B
451 B 251ms
84ms XHR
application/json 43.129.34.52

General

Check archive.org

Show headers Download Go to

Full URL

https://traid.jixie.io/api/newid?accountid=Vi245MSErQ

Requested by

Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.129.34.52 -, , ASN (),

Reverse DNS

Software

Resource Hash

7527ca0fcdbd5330c52837734fa79bd8e0638ea08d83f6ee980badba9571c1ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self'
cache-control: private, max-age=31536000
content-encoding: gzip
etag: 5fddbcf0-ac3b-11ef-9f6b-e3c545acf153
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-origin: *
date: Tue, 26 Nov 2024 21:14:08 GMT
x-xss-protection: 1
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-frame-options: Deny

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame 761F 0
0 0ms
0ms Document
text/html 23.2.37.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.37.82 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-37-82.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 21:14:07 GMT
etag: "2052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF57 0
0 4ms
3ms Document
text/html 23.32.224.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158361
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=82772
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Tue, 26 Nov 2024 21:14:08 GMT
expires: Wed, 27 Nov 2024 20:13:40 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pbsync.html
js.adscale.de/ Frame 0B85 0
0 48ms
9ms Document
text/html 2600:9000:221d:9800:f:4f64:8940:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221d:9800:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1144
cache-control: max-age=7200, stale-while-revalidate=86400
content-encoding: gzip
content-type: text/html
date: Tue, 26 Nov 2024 20:55:05 GMT
etag: W/"093414ce71e32cba0aa5d32e70ce697c"
last-modified: Tue, 26 Nov 2024 04:53:11 GMT
server: AmazonS3
vary: accept-encoding
via: 1.1 760c3075e858fc85fefc742f771b3ba6.cloudfront.net (CloudFront)
x-amz-cf-id: x_RK_-jOdvqi-hc2aw7qqDusRipgOk0BTtjxVlZEYJD-9xS9qH04mw==
x-amz-cf-pop: KIX50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: jzJGTyZCWccZHyi40mVm8exglrY.O_K_
x-cache: Hit from cloudfront

GET
H2 200 /
onetag-sys.com/usync/ Frame A6D6 0
0 69ms
69ms Document
text/html 51.79.154.29
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1732655648336

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 isyn
prebid.a-mo.net/ Frame 22E5 0
0 73ms
73ms Document
text/html 131.153.206.102

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?&gpp=&gpp_sid=
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.102 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 655
content-type: text/html; charset=utf-8
date: Tue, 26 Nov 2024 21:14:07 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 4

OPTIONS
H2 204 idsyncv2
traid.jixie.io/api/ Frame 0
0 83ms
83ms Preflight 43.129.34.52

General

Check archive.org

Show headers Download Go to

Full URL: https://traid.jixie.io/api/idsyncv2?accountid=Vi245MSErQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.129.34.52 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paddyofegans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:08 GMT
vary: Origin, Access-Control-Request-Headers

POST
H2 200 idsyncv2 Show response
traid.jixie.io/api/ 67 B
573 B 89ms
87ms XHR
application/json 43.129.34.52

General

Check archive.org

Show headers Download Go to

Full URL

https://traid.jixie.io/api/idsyncv2?accountid=Vi245MSErQ

Requested by

Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.129.34.52 -, , ASN (),

Reverse DNS

Software

Resource Hash

920a7c4de2e2bbb157365aaa62c4e6c170b503bf960ca46eabc28ac93bb37256

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self'
content-encoding: gzip
etag: W/"43-X+BCaR5BDbwzgZpGqH88FtEtZ54"
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:08 GMT
x-xss-protection: 1
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-frame-options: Deny

OPTIONS
H2 200 rid
match.adsrvr.org/track/ Frame 0
0 15ms
5ms Preflight 35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://paddyofegans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin: https://paddyofegans.com
content-length: 25
date: Tue, 26 Nov 2024 21:14:08 GMT
server: Kestrel
vary: Origin

OPTIONS
H2 204 prod
traid.jixie.io/sync/ Frame 0
0 84ms
84ms Preflight 43.129.34.52

General

Check archive.org

Show headers Download Go to

Full URL: https://traid.jixie.io/sync/prod
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.129.34.52 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paddyofegans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:08 GMT
vary: Origin, Access-Control-Request-Headers

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
698 B 12ms
5ms XHR
application/json 35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 6140a514714dc6a999613e4083bdab165775b52a39e8ad800f0129e536a8d160

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://paddyofegans.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
expires: Thu, 26 Dec 2024 21:14:08 GMT
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:08 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

POST
H2 200 upkiejson Show response
accounts.tokopedia.com/ 127 B
2 KB 284ms
213ms XHR
application/json 23.33.32.129

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.tokopedia.com/upkiejson
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.32.129 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 97b23944412235f5fed2e7054f35851203cccdc9438c37de62845ce8a582efbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tkp-srv-id: accountsapp-10-41-84-238
access-control-allow-origin: https://paddyofegans.com
content-length: 127
date: Tue, 26 Nov 2024 21:14:08 GMT
content-type: application/json
x-tkpd-origin-match: origin-accounts.tokopedia.com
server: nginx

POST
H2 204 prod Show response
traid.jixie.io/sync/ 0
300 B 86ms
85ms XHR
text/plain 43.129.34.52

General

Check archive.org

Show headers Download Go to

Full URL

https://traid.jixie.io/sync/prod

Requested by

Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.129.34.52 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self'
cache-control: private
etag: 5fddbcf0-ac3b-11ef-9f6b-e3c545acf153
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://paddyofegans.com
date: Tue, 26 Nov 2024 21:14:08 GMT
x-xss-protection: 1
vary: Origin
x-frame-options: Deny

GET
H2 200 pd
adasia-d.openx.net/w/1.0/ Frame 8B48 0
0 44ms
41ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Tue, 26 Nov 2024 21:14:08 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 user-sync.html
ms-cookie-sync.presage.io/ Frame E86E 0
0 47ms
5ms Document
text/plain 52.196.7.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-cookie-sync.presage.io/user-sync.html?gdpr_consent=&source=prebid&gpp=&gpp_sid=
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.196.7.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-7-28.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
date: Tue, 26 Nov 2024 21:14:09 GMT
expires: 0
pragma: no-cache
surrogate-control: no-store
x-powered-by: Express

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 4EA7 0
0 32ms
2ms Document
text/html 151.101.65.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 55769
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 26 Nov 2024 21:14:09 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 17 May 2024 08:31:56 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3679464, 229671
X-Served-By: cache-lga21993-LGA, cache-nrt-rjtf7700048-NRT
X-Timer: S1732655649.177295,VS0,VE0

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame BA59 0
0 0ms
0ms Document
text/html 23.2.37.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.37.82 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-37-82.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 21:14:07 GMT
etag: "2052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 syncframe
gum.criteo.com/ Frame 306E 0
0 3ms
3ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=paddyofegans.com&gpp=

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1326/prebid_2024_11_25_7_25_20.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://paddyofegans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 21:14:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 824902
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=jk93B9FwyALU&ev=1&pid=560288&gdpr_consent=&gdpr=0

43 B
346 B

88ms
88ms

Image
image/gif

23.106.50.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=jk93B9FwyALU&ev=1&pid=560288&gdpr_consent=&gdpr=0
Protocol: H2
Server: 23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:08 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=jk93B9FwyALU&ev=1&pid=560288&gdpr_consent=&gdpr=0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-54cfdf9fc4-mwh7v
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: ja-JP
server: Jetty(10.0.14)

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=97be54d9-0d8c-0447-399e-97cb727bd704&gdpr=0&gdpr_consent=

43 B
387 B

89ms
88ms

Image
image/gif

23.106.50.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=97be54d9-0d8c-0447-399e-97cb727bd704&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:09 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=97be54d9-0d8c-0447-399e-97cb727bd704&gdpr=0&gdpr_consent=
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 26 Nov 2024 21:14:08 GMT
content-type: image/gif
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=81039b2f-f3a5-4084-b5da-baf089a56c6f&gdpr=0&gdpr_consent=[GDPR_CONSENT]

43 B
428 B

92ms
91ms

Image
image/gif

23.106.50.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=81039b2f-f3a5-4084-b5da-baf089a56c6f&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Protocol: H2
Server: 23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:09 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=81039b2f-f3a5-4084-b5da-baf089a56c6f&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Pragma: no-cache
Connection: keep-alive
Expires: 0
Content-Length: 0
Date: Tue, 26 Nov 2024 21:14:09 GMT
Server: nginx

GET

user_sync.html
ads.pubmatic.com/AdServer/js/
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=p
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156177&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001750%26dspCookie%3DPM_UID%26gdpr%3D0...

0
0

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=8d80cec9-4bea-4703-af87-5385ec5d496e&gdpr=0&gdpr_consent=

43 B
386 B

88ms
88ms

Image
image/gif

23.106.50.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=8d80cec9-4bea-4703-af87-5385ec5d496e&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:08 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=8d80cec9-4bea-4703-af87-5385ec5d496e&gdpr=0&gdpr_consent=
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 916130
expires: Tue, 26 Nov 2024 00:00:00 GMT
x-errorlevel: 0
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 26 Nov 2024 21:14:08 GMT
server: Kestrel

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0b462005004f9ea021cb5cfb&gdpr=0&gdpr_consent=

43 B
415 B

90ms
88ms

Image
image/gif

23.106.50.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0b462005004f9ea021cb5cfb&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 26 Nov 2024 21:14:09 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0b462005004f9ea021cb5cfb&gdpr=0&gdpr_consent=
keep-alive: timeout=5
content-length: 0
date: Tue, 26 Nov 2024 21:14:09 GMT
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://x.bidswitch.net/sync?ssp=criteo&custom_data=6zAl-F9QdDVRWEp5eTVqNllNWkFGRUlxUFpKMkdVQ09SNUdMTDlWOHM0akVWbzM0JTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-vpfdiYOja_z7CT1p...
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=6zAl-F9QdDVRWEp5eTVqNllNWkFGRUlxUFpKMkdVQ09SNUdMTDlWOHM0akVWbzM0JTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-vpfdiYOja_...
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-vpfdiYOja_z7CT1pgUmlhEG6eBDSAn7oJjDngA&gdpr=0&gdpr_consent=
https://ssp-sync.criteo.com/user-sync/match?p=6zAl-F9QdDVRWEp5eTVqNllNWkFGRUlxUFpKMkdVQ09SNUdMTDlWOHM0akVWbzM0JTNE&u=a791fe51-a8fb-4aaf-9d63-d64f446f2c91

0
142 B

13ms
3ms

Image
text/plain

2406:2600:4::2c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=6zAl-F9QdDVRWEp5eTVqNllNWkFGRUlxUFpKMkdVQ09SNUdMTDlWOHM0akVWbzM0JTNE&u=a791fe51-a8fb-4aaf-9d63-d64f446f2c91

Protocol

Server

2406:2600:4::2c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Tue, 26 Nov 2024 21:14:08 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: //ssp-sync.criteo.com/user-sync/match?p=6zAl-F9QdDVRWEp5eTVqNllNWkFGRUlxUFpKMkdVQ09SNUdMTDlWOHM0akVWbzM0JTNE&u=a791fe51-a8fb-4aaf-9d63-d64f446f2c91
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:14:09 GMT

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dEB-L-F84Z1NCSkpaTGpENk5kQVJUZnNtYlljWW1LbTFyT0xmczdkTDZUVGhlS0NzJTNE%26u%3d%24UID&gdpr=0&gdpr_consent=
https://ssp-sync.criteo.com/user-sync/match?p=EB-L-F84Z1NCSkpaTGpENk5kQVJUZnNtYlljWW1LbTFyT0xmczdkTDZUVGhlS0NzJTNE&u=2885398955105823811&gdpr=0&gdpr_consent=

0
141 B

3ms
3ms

Image
text/plain

2406:2600:4::2c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=EB-L-F84Z1NCSkpaTGpENk5kQVJUZnNtYlljWW1LbTFyT0xmczdkTDZUVGhlS0NzJTNE&u=2885398955105823811&gdpr=0&gdpr_consent=

Protocol

Server

2406:2600:4::2c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://paddyofegans.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Tue, 26 Nov 2024 21:14:08 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://ssp-sync.criteo.com/user-sync/match?p=EB-L-F84Z1NCSkpaTGpENk5kQVJUZnNtYlljWW1LbTFyT0xmczdkTDZUVGhlS0NzJTNE&u=2885398955105823811&gdpr=0&gdpr_consent=
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 146.70.201.215; 146.70.201.215; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: ec9c165e-dd59-48d6-9a75-709b7935d6e6
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 26 Nov 2024 21:14:09 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

POST
H2 200 events Show response
track.us.org/ 19 B
603 B 806ms
270ms XHR
text/javascript 185.59.208.177
VSHOSTING VSHosti...

General

Check archive.org

Show headers Download Go to

Full URL: https://track.us.org/events?u=https%3A%2F%2Fpaddyofegans.com%2F
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING VSHosting s.r.o., CZ),
Reverse DNS: webgarden-track-lb-ha.vshosting.cz
Software: nginx /
Resource Hash: 821c1c64f99ec314ce0d4b557ce5b2465f44d4f2798e64af7908a17d49b86c64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://paddyofegans.com/

Response headers

access-control-max-age: 1
cache-control: post-check=0, pre-check=0; max-age=0, no-cache, must-revalidate, proxy-revalidate, private
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
expires: Tue, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://paddyofegans.com
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date: Tue, 26 Nov 2024 21:14:10 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Tue, 26 Nov 2024 21:14:10 GMT
access-control-allow-headers: X-Requested-With,origin,content-type,accept,accept-encoding,accept-language

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3_-gs51os.woff2?v=2.85

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3t-4s51os.woff2?v=2.85

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3j-ws51os.woff2?v=2.85

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff2

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.ttf

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: hb.adscale.de
URL: https://hb.adscale.de/dsh

Domain: r2b2-apac.adnxs.com
URL: https://r2b2-apac.adnxs.com/ut/v3/prebid

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: hb.adscale.de
URL: https://hb.adscale.de/dsh

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: hb.adscale.de
URL: https://hb.adscale.de/dsh

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: prebid-eu.creativecdn.com
URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids

Domain: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Domain: cdn.contextads.live
URL: https://cdn.contextads.live/publishers/v3/paddyofegans.com/cads-paddyofegans.com.min.js

Domain: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Domain: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Domain: paddyofegans.com
URL: blob:https://paddyofegans.com/6dccbf26-4653-4600-9af9-4c299df92bc1

Domain: paddyofegans.com
URL: blob:https://paddyofegans.com/378230d1-2261-4fe3-b33d-b097f7e961c1

Domain: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Domain: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Domain: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Domain: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.000&mls=0.000&nls=0&cas=0.000&nas=0&was=0.000&wls=0.000&tls=0.000&lcp=0&lcps=0&cbt=74&mbt=74&nlt=1&nif=0&ifi=1&eid=31089148%2C31086809%2C95340253%2C95340255&top=0&pvsid=1346930639944590&gpt=1

Domain: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.000&mls=0.000&nls=0&cas=0.000&nas=0&was=0.000&wls=0.000&tls=0.000&lcp=0&lcps=0&cbt=0&mbt=0&nlt=0&nif=0&ifi=1&eid=31088726%2C31089065%2C83320949%2C31086809%2C95340253%2C95340255&top=0&pvsid=697321191536253&gpt=1

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202411180101&jk=4255252775906676&bg=!pqWlperNAAaIaF9IqGg7ADQBe5WfOBInDiTxfTgoNgnK-jYSBj7Wh4sgey_pwUyIYEM7Y_8-Ut6gymkh7s3zc3t93qWUAgAAADVSAAAAA2gBB34ANl6V2VbgEU1Rt48Hmh5cCFWnSL9slQwdRhGDRmz-RE85hjm6Tle7PgezbGHKv0AkozOwrsgQJ5kCkJCRG6ufM7NgjVbKqYxsd4EWM_qRRg9Ug37ENf5KuEfMPxnl_bU8aEjzZKuyO4vkotmMgnsifythOJTuX8BHGGnNqtOFbipfpiFyO3cExXNNPdoFnTaowu5_xhFCgadgNRFYc9FcDPOrfKO6eFd2HWN7DZSo08xYMcGPzaGdANbTqJQvEJrp8TQt7nhCh7WhD1T8bvcw0PcvQDHgISWRl99Bwjjp6oTJn4XcCCdhGvnoJ8wTkE1kBu9DCSRDJFrMgMHhR85oP6wDEWHNRZRfd7rBDLDisX-vejbVnqoUyXBEevGv8nxzroKXEWGj-1p80KfSV_dmJveVeU88YtYEa5AbScBM-V__8uoX_df_euoMmogPpH0R7D1tcE6uZMYuO_84xy-RVcrYqJ8XrTqx2y-tGsuRdswD3BiZqUtYu6jhz7I1AnqDfIkB4l9q6vmFSSKYl5hT9GznbOSVfKrKBnKR1nCARzjtw2K2ZI7sKeqGGU04yes-EBDYv1T8Ea3O1G1_pJlt1LF-jMUAeIVEr1hQE1_IoVNCTVkO6GPqbf4NqrFJZLXXOM9xpTYW7m7ynmKwFxopks2rFkM24eefmM6DuNvwCfKmDtUQsT4b1zSvNNJ9UwuYFzpRAim04jaknMMfnAbp1SFAVs18gCe_HP2OgTMJQZq9GQXsWHpHoRarEIiGu2MWGGDqcYR3xqS-Ioye48TW6AA8cTwt0prkUF6sMUnZ5r9xCDF0BBhYZYTjix_P628_zh3LKGO68lg4mbOpPC3znNMg2AxVVaaZKXVzaKFw5aKVEH1smtgWg61K05dwmdhwuwZUxgPXtAx9YZzq89yXVBgSWM8J6a6MTyBXzXGbKTYd5-55IoxklIy_

Domain: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5475310752

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=4594752745451248294&gdpr=0&gdpr_consent=&dcc=t

Domain: traid.jixie.io
URL: https://traid.jixie.io/api/loaduser?old_client_id=none&accountid=Vi245MSErQ

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156177&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001750%26dspCookie%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

121 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie	1970-01-21 01:17:39	Name: thirdparty Value: yes
.mgid.com/	1970-01-21 01:17:37	Name: __cf_bm Value: 1bpsH4I3Jehr72Xqe8i8_JgqNHH.NHUnzw0x889oO3w-1732655642-1.0.1.1-kCwCL.V2KB6pRMs9J4w_Lp.rbBZNdEnDHvEIwVRLpVH1KriOpiPZpDPBQSXmm.JBGnu41u4X.kvuucPfbV8tyg
.izooto.com/	1970-01-21 10:53:35	Name: IZCID Value: 6790b119-c313-485a-b6c5-55bd139dcfb2
.dailymotion.com/	1970-01-21 10:46:23	Name: ts Value: 982200
.dailymotion.com/	1970-01-21 10:46:23	Name: v1st Value: 8feedfe0-a94c-28e2-5c0f-e7aa93c0fca0
.dailymotion.com/	1969-12-31 23:59:59	Name: _TEST_ Value: 1
www.clarity.ms/	1970-01-21 10:03:11	Name: CLID Value: 5ad824b09da1479bbc9999f902edf1db.20241126.20251126
.paddyofegans.com/	1970-01-21 10:03:11	Name: _clck Value: 1rsioxd%7C2%7Cfr7%7C0%7C1791
.doubleclick.net/	1970-01-21 10:53:35	Name: IDE Value: AHWqTUlGmVmAs1WG_obOANcBELIf7RH4lBmJMAQt1tB9eDUEiyxMO30EIUdzMQ6X3xU
.openx.net/	1970-01-21 10:03:11	Name: receive-cookie-deprecation Value: 1
.paddyofegans.com/	1970-01-21 10:39:11	Name: __gads Value: ID=dbbe56b4ca227fd8:T=1732655642:RT=1732655642:S=ALNI_MaNvc7n5WPIwW4pE9AbonYAJ01dMQ
.paddyofegans.com/	1970-01-21 10:39:11	Name: __gpi Value: UID=00000f9fbd5dd2c6:T=1732655642:RT=1732655642:S=ALNI_Max6heCYM-rPYz9Sw4K0jkby7EHIA
.adnxs.com/	1970-01-21 10:53:35	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 10:03:11	Name: khaos Value: M3YYFMH3-S-BCSS
.smartadserver.com/	1970-01-21 10:03:11	Name: pbw Value: %24b%3d16999%3b%24o%3d99999
.smartadserver.com/	1970-01-21 10:03:11	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 05:36:47	Name: receive-cookie-deprecation Value: 1
.smartadserver.com/	1970-01-21 01:19:02	Name: sasd Value: %24qc%3D1500047271%3B%24ql%3DHigh%3B%24qpc%3D162-0843%3B%24qt%3D36_1721_129814t%3B%24dma%3D0%3B%24qo%3D3
.smartadserver.com/	1970-01-21 03:25:55	Name: pid Value: 4594752745451248294
.smartadserver.com/	1970-01-21 01:19:02	Name: sasd2 Value: q=%24qc%3D1500047271%3B%24ql%3DHigh%3B%24qpc%3D162-0843%3B%24qt%3D36_1721_129814t%3B%24dma%3D0%3B%24qo%3D3&c=1&l&lo&lt=638682524429534240&o=1
.adnxs.com/	1970-01-21 03:27:11	Name: XANDR_PANID Value: 9Y1ja7v_JJ0nNwkFTYcOCl_b_WAnvvEJNZIBSmraskU9NTfjHw-QQuZ0C6FAZWwAhhWxEJuBrFHBuFxxQyiqYxEk_Pp4uKgG0oYLs1rkLhc.
.adnxs.com/	1970-01-21 03:27:11	Name: uuid2 Value: 2885398955105823811
.outbrain.com/	1970-01-21 03:27:11	Name: obuid Value: 7e1116eb-3016-4a6d-8d6b-f4cc78298608
.adsrvr.org/	1970-01-21 10:03:11	Name: TDID Value: defa4cd9-d6c9-44bb-a46f-4da027977005
.im-apps.net/	1970-01-21 10:53:35	Name: imid_secure Value: pJE_F9IqQzS-2Sbrh6eH4w
.im-apps.net/	1970-01-21 10:53:35	Name: imid_created_secure Value: 1732655643
.agkn.com/	1970-01-21 10:03:11	Name: ab Value: 0001%3ADfxExEYuIKK0MD45t9JKjhmkC%2BlWtCL4
.demdex.net/	1970-01-21 05:36:47	Name: demdex Value: 56804112936701964923229049249343314094
.dpm.demdex.net/	1970-01-21 05:36:47	Name: dpm Value: 56804112936701964923229049249343314094
.eyeota.net/	1970-01-21 10:03:11	Name: mako_uid Value: 1936a52fb7e-2ad0000010e4b47
.eyeota.net/	1970-01-21 01:17:36	Name: SERVERID Value: 19271~DM
.paddyofegans.com/	1970-01-21 01:19:02	Name: _clsk Value: iuwny%7C1732655643534%7C1%7C0%7Ck.clarity.ms%2Fcollect
.paddyofegans.com/	1970-01-21 02:00:47	Name: _pubcid Value: 44dc169e-9f3b-41ad-b511-0017602b9b3b
.paddyofegans.com/	1970-01-21 02:00:47	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
.rubiconproject.com/	1970-01-21 10:03:11	Name: khaos_p Value: M3YYFMH3-S-BCSS
.rubiconproject.com/	1970-01-21 03:27:11	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 10:39:11	Name: uid Value: 8d80cec9-4bea-4703-af87-5385ec5d496e
.criteo.com/	1970-01-21 10:39:11	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 10:03:11	Name: CMID Value: Z0Y6GxdaRF8AABPDDi9buQAA
.casalemedia.com/	1970-01-21 03:27:11	Name: CMPS Value: 5404
.casalemedia.com/	1970-01-21 03:27:11	Name: CMPRO Value: 5404
.kargo.com/	1970-01-21 10:03:11	Name: ktcid Value: 775ec981-ab3e-063c-5d3b-dd6edf9fec5f
.pippio.com/	1970-01-21 10:03:11	Name: did Value: mj33qne_aOOVyIPa
.pippio.com/	1970-01-21 10:03:11	Name: didts Value: 1732655643
.pippio.com/	1970-01-21 02:43:59	Name: nnls Value:
.pippio.com/	1970-01-21 02:43:59	Name: pxrc Value: CAA=
.paddyofegans.com/	1970-01-21 05:36:47	Name: __eoi Value: ID=6f15a1cafde1785c:T=1732655643:RT=1732655643:S=AA-AfjZyN65wLa4AXlJPAfZsmqCi
.smaato.net/	1970-01-21 01:47:50	Name: SCM Value: 0dc2570778
.smaato.net/	1970-01-21 01:47:50	Name: SCMo Value: 0dc2570778
.zemanta.com/	1970-01-21 10:03:11	Name: zuid Value: Chq4UgIyRpGCOen19jXF
.zemanta.com/	1970-01-21 10:03:11	Name: obuid Value: ba3U5O_aydFqWkuD18MSxNXaWIg2RzaNplmBi6TVKRjuKH59JGjAMvI-BCFUJwj8
.adnxs.com/	1970-01-21 03:27:11	Name: icu Value: ChgIjspkEAoYAiACKAIwnPSYugY4AkACSAIQnPSYugYYAQ..
.bing.com/	1970-01-21 10:39:11	Name: MUID Value: 24B3639FCC3A6B7722A776DCCD406AD8
.c.bing.com/	1970-01-21 01:27:40	Name: MR Value: 0
.360yield.com/	1970-01-21 03:27:11	Name: tuuid Value: 4a13c836-2ea5-4fdb-bc1b-e75f099c00a3
.360yield.com/	1970-01-21 03:27:11	Name: tuuid_lu Value: 1732655644
.exelator.com/	1970-01-21 04:10:23	Name: EE Value: "639891e75a947bad7c736d28d87a36d9"
.adfarm1.adition.com/	1970-01-21 03:27:11	Name: UserID1 Value: 7441699326219516272
paddyofegans.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1006337%22%3A%7B%22page%22%3A1%7D%7D
.creativecdn.com/	1970-01-21 10:03:11	Name: g Value: AeoQC3CU5sRC12SbgmC2_1732655644140
.creativecdn.com/	1970-01-21 10:03:11	Name: ts Value: 1732655644
.sitescout.com/	1970-01-21 10:03:11	Name: ssi Value: 10174b11-8fd8-4d30-bf58-aab7b208246a#1732655644250
.rlcdn.com/	1970-01-21 10:03:11	Name: rlas3 Value: LyUcse8u75VoUDeAXzPBvq/WN48vWdM5/S9r7c7iYxg=
.rlcdn.com/	1970-01-21 02:43:59	Name: pxrc Value: CJv0mLoGEgUI6AcQABIFCOhHEAASBgiKuisQAQ==
.sitescout.com/	1970-01-21 02:00:47	Name: _ssuma Value: eyI4MSI6MTczMjY1NTY0NDM1OX0
.yahoo.com/	1970-01-21 10:03:33	Name: A3 Value: d=AQABBBw6RmcCEMrj-L-Kebvyl9IUYsL-HkQFEgEBAQGLR2dQZ2ChyyMA_eMAAA&S=AQAAApDs-5bjtxp4hLO0VH5zK9Q
.quantserve.com/	1970-01-21 10:47:50	Name: mc Value: 67463a1c-7eefa-e2ed7-97a4d
.quantserve.com/	1970-01-21 03:27:11	Name: sp Value: CgkIvOwGEgMQ_g0=
.exelator.com/	1970-01-21 04:10:23	Name: ud Value: "eJxrXxzq6XKLQcHM2NLC0jDV3DTR0sQ8KTHFPNnc2CzFyCLFwjwRyLBcXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0ilzlnFOXnpq4AC4W5Bi02NDZckl%252BUmb7IK2BxUUoaw6KS4lPBJ7dqAgCKJSoN"
.rtbsystem.com/	1970-01-21 01:17:35	Name: ut-112-0 Value: 0F6340B1E547621D3FA1F3403B1D63D802B9978E83125A655CCE3CFAD783D1A94A5A42D76DB079DE70BCF890CA897EA620E2C39FEBEB31352DEF1405A193C830E54EF9C2BC390A8ABE3A2BE5281021AEB601653BDFF5DBD39891C14085AF0D4C
.rtbsystem.com/	1970-01-21 01:17:35	Name: ut-0-112 Value: 02C648C97B1E1C7C956EC4704049170267460F34FE7C2BECB2867B8199E099F0F15CB5D8324E33DE441B03A1B75047D514F698BB3DD822AEDB4A8B7D76AB6095
.analytics.yahoo.com/	1970-01-21 10:03:11	Name: IDSYNC Value: 195n~2m1x
.contextweb.com/	1970-01-21 02:00:47	Name: ccpa Value: 1---
.contextweb.com/	1970-01-21 09:55:59	Name: V Value: jk93B9FwyALU
.contextweb.com/	1970-01-21 09:55:59	Name: VP Value: part_jk93B9FwyALU
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 1696a3f6b9fc30f1
.sharethrough.com/	1970-01-21 02:00:47	Name: stx_user_id Value: ad759dbb-6102-4299-8b46-e7b496bbb442
.mediago.io/	1970-01-21 10:03:11	Name: __mguid_ Value: e94ce74f9ebde26e2ksran00m3yyfnui
.media.net/	1970-01-21 10:03:11	Name: visitor-id Value: 3756572441272791000V10
.ladsp.com/	1970-01-21 01:17:39	Name: cr Value: 1
.ladsp.com/	1970-01-21 10:53:35	Name: smn_uid Value: IeMuY1fjiLGOYJUHJq41UCDgdz4te10
.ladsp.com/	1970-01-21 10:53:35	Name: lum Value: CLmCzNK2MhIFCB4Q0AU
.adentifi.com/	1970-01-21 10:53:35	Name: adtheorent[cuid] Value: cuid_5dd9fdb5-ac3b-11ef-b261-123fb0542741
.exelator.com/	1970-01-21 04:10:23	Name: udo Value: "gAAAAAQAAAYSKLUv%252FWASBaUdAJazvUcAjcwDqaqqEvI6AbGyAAFQTXLTKApp6PQGyAdQM%252BHzPwyBLvo7bnXEk1Qz3oykkCPozi8hFOwwKBZcJOcWgW0BwOJBIXPSUqoAqACsAOvJuykCv3OH3PJaiZpWX5JnqeQmnocBQ5G1VD2e7leRaQJ7uVYhEbX7kXu61rbeWEWOmEKnaPT4keRpHPqZmdJ1ROokX%252Bh5l%252B%252F7bKFxVTvqQeTMPKNOetN6kr6XpqdLGOwT7uzCaDkY3dYlKsN4QkFiwgDya5UAgGCDAks%252FXdiVju89ErBTUlJSdoK9d1eyUTzotkY%252Fs9QqfmkcUqQsDZW9R8jzTEHc0nUsYaZio%252FCTVIekZcmWcq1m%252BVWZNHqK1kJU8hxxcTu%252F4NaLqnC%252F65XjFgVhwrr%252Bif1vfLqt5ejmgYhbucIbd24iJiOKGTDUfB1mOoY7UK8aBFnJO%252BnHMh1LbO0rnmkkbixXtPAbv9oKDQZslZhpv33XjKc9w1SCVFsru59DZO2dnnr1JIEgS8szTcfvmpnSbpbrSHZIKu6dV38W6VCeoN7JEX7SJvwkadACshAhYBkGUAbyYRq5D62rN0sVt%252BDCkxLRbd6JAIlZTkBA3kR9KVQ7sE%252FA%252FGzDqvAhecjO5aRFI8v8cEQJoBcrBZXWzKrTcuHRt5CCqTPja4xgqmjz8VdHBgUP6%252FF9F0nhP0XYKCupYzxQ9ezqhfs8D%252BSEI6OIix9o8XmghaexyGC%252BDyp6%252Bowx9fQNVc%252Fwm436aZYph82EX7NhNyCbCTUoDftPGgzni5r242w4Abu1d4jd7c27ETFLzCLCsk2wKbjOwa1V%252FQGjZjkOjlOdk2W2LlCpbFR2Ze8doLJR4LL3bkBgG9jd7iob%252B8LbfBkM9nTxeSoZg%252BNi3Sjuy9Zf%252BNVpWbLhQm4cCw%252BDwoPPcoB%252BLp%252F1wRyNIT%252BSaqrZ9bZwuQ6VrKLlVH7GLCcen8fyy%252BZhxAxt48IuHu7qs7ePWk52%252FdYl3b9CtbBMMjo7vpMd705aKVnMcsIGTyhwApFBY%252FURQEgImZkZCzTKdvjluEiuL1nv%252BNa3sa8jYf5VyUO0y9p3LCSCQygFA21WBihCKWctg6VRNe7%252BAB0EDu2iGY%252BA6Dr%252BY%252FLBIHGVvLKeHDpAIBpo%252FC3ZEDHwRnwNyHCZnRo0hXut5B4onaXiYPh9bCcpdUCgPMtr5cG5puDV2fxwoOFwLjtVX0BqsKeOk05Ghd0YxsMaSCWRBauOxjYgNhOyqMZiAEMYhCl%252B8zJ6at8y%252Bp0rZA%253D%253D"
.pxl.iqm.com/	1970-01-21 02:00:47	Name: outbrain Value: MTczMzg2NTI0NTA4NA==
.pxl.iqm.com/	1970-01-21 01:39:11	Name: iqm.retarget.uid Value: 1e2e3546-b165-4c73-a76d-cc94efc0370e
.temu.com/	1970-01-21 01:17:37	Name: __cf_bm Value: aEF5xtO5UQ9wxaDqKhflXERqqAUOvNXBz04HDRz.rXc-1732655645-1.0.1.1-H0onwIs8xmG54q6mM4PCAhZLoRWt75VEDDZfJyHWO4c7VSoB6QqIGNcVv_JELdiQ6pAJDeqZ6aILzMPsSrQhIg
sync.srv.stackadapt.com/	1970-01-21 10:03:11	Name: sa-user-id Value: s%3A0-5c249495-7bfa-57e9-5cc9-755216a69690.IxH8hPuMUSGV5lNWxXETTM20Gu3f0EJntfqbZMVKe%2F0
.srv.stackadapt.com/	1970-01-21 10:03:11	Name: sa-user-id Value: s%3A0-5c249495-7bfa-57e9-5cc9-755216a69690.IxH8hPuMUSGV5lNWxXETTM20Gu3f0EJntfqbZMVKe%2F0
sync.srv.stackadapt.com/	1970-01-21 10:03:11	Name: sa-user-id-v2 Value: s%3AXCSUlXv6V-lcyXVSFqaWkJJGydc.tyXD4XT0FPdVxbynbTX9jJHsi5lfYvGsmBAV%2FE8%2Fvuk
.srv.stackadapt.com/	1970-01-21 10:03:11	Name: sa-user-id-v2 Value: s%3AXCSUlXv6V-lcyXVSFqaWkJJGydc.tyXD4XT0FPdVxbynbTX9jJHsi5lfYvGsmBAV%2FE8%2Fvuk
sync.srv.stackadapt.com/	1970-01-21 10:03:11	Name: sa-user-id-v3 Value: s%3AAQAKIKx7mLsGqbWCNr5XzHNe3yO66gfxPOOO6qZOWroNl84mEGcYBCCd9Ji6BjABOgSAOSS3QgTiOCjP.%2BT5PuhDU7h%2BzU2aXUex6z8p7wq%2BGs2wbaO50mVjPZac
.srv.stackadapt.com/	1970-01-21 10:03:11	Name: sa-user-id-v3 Value: s%3AAQAKIKx7mLsGqbWCNr5XzHNe3yO66gfxPOOO6qZOWroNl84mEGcYBCCd9Ji6BjABOgSAOSS3QgTiOCjP.%2BT5PuhDU7h%2BzU2aXUex6z8p7wq%2BGs2wbaO50mVjPZac
.admanmedia.com/	1970-01-21 01:37:42	Name: admtr Value: 81039b2f-f3a5-4084-b5da-baf089a56c6f
.admanmedia.com/	1970-01-21 01:37:42	Name: ac_r Value: CS26
.csync.loopme.me/	1970-01-21 03:30:04	Name: viewer_token Value: 60c7bfb4-fbbd-4905-bd9f-c2d632075354
.c.bing.com/	1970-01-21 10:39:11	Name: SRM_B Value: 24B3639FCC3A6B7722A776DCCD406AD8
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:39:11	Name: MUID Value: 24B3639FCC3A6B7722A776DCCD406AD8
.c.clarity.ms/	1970-01-21 01:27:40	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:17:36	Name: ANONCHK Value: 0
.criteo.com/	1970-01-21 10:39:11	Name: cto_bundle Value: rP2iV19NZURIZWYlMkYzdkFrVktWeTNLa1NVNnlmSElESTFMTGxPVERERGIzbmwxUmJvWUx0VVJNMHRjJTJCdTRGTVNtSkdLMzFSRUhyb0tSNnNTTkRjdUZCbkNIcnZ3VSUyRkd1Q0tEeFZROWF1Tlk2Um9LdXZaUmZLTjZGS0R2a09lUlNOcjY0RUhoQ2NVMnBZNFhCeG5KdFZZSFlTbXclM0QlM0Q
.paddyofegans.com/	1970-01-21 10:39:44	Name: cto_bundle Value: BWFm9F9SdlVVTTIxQ3E2RDdZNUVYMVU1UTdQMWNSTVg0clpWeXN0RlA2a0xEMFB4RUdnSUhqREslMkZYVGpieTBpalhlR2R0YzhJUWNBQ2xMV0ZzcUJOYjJidENSdlpEUk5xYlU5RHg4bWRyWmwxMnV0d2NxUERNbUUzOE1GSWh0MjVYUCUyRkdmV0RiWTdTaml2cTB3JTJCOU9RV21PcVElM0QlM0Q
.paddyofegans.com/	1970-01-21 10:39:44	Name: cto_bidid Value: P6QloF9KMmRWNEh5MGUzOUVRcUJpWEo3bDBKRjdVMWNXS1VPb0JmQUN1TyUyRjJsTG8lMkZ4QWJ3c2U5JTJCd2NhN2VwY0REYUZudW9rYlkya1laZFRYcU9VMm9CbjBSeHZHaFBzb29rY24lMkZ3MjRITTJoMnpwNVppRmlENHJhVzdjOE1pVTdWUVpE
.bidr.io/	1970-01-21 10:46:05	Name: bito Value: AAJaFE7OjHQAABYCouWpiA
.bidr.io/	1970-01-21 10:46:05	Name: bitoIsSecure Value: ok
.adform.net/	1970-01-21 02:00:47	Name: C Value: 1
.adform.net/	1970-01-21 02:43:59	Name: uid Value: 1272385036004987266
.contextweb.com/	1970-01-21 10:03:11	Name: pb_rtb_ev Value: 3-1uzs\|7GB.0.1\|8jE.0.1
.contextweb.com/	1970-01-21 10:03:11	Name: pb_rtb_ev_part Value: 3-1uzs\|7GB.0.1\|8jE.0.1
.adsrvr.org/	1970-01-21 10:03:11	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCIaKjb6pmsc9EAUYBSACKAIyCwjUseTEv5rHPRAFOAE.
.smartadserver.com/	1970-01-21 03:27:11	Name: csync Value: 22:1272385036004987266\|92:jk93B9FwyALU
.tapad.com/	1970-01-21 02:43:59	Name: TapAd_TS Value: 1732655647822
.tapad.com/	1970-01-21 02:43:59	Name: TapAd_DID Value: b308980a-e032-45b3-8956-6222d2f3e6e3
.linkedin.com/	1970-01-21 10:03:11	Name: bcookie Value: "v=2&77a7da63-26a1-4171-8a00-e5c5faaef59c"
.linkedin.com/	1970-01-21 01:19:02	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3395:u=1:x=1:i=1732655647:t=1732742047:v=2:sig=AQEbwkMvk4yWrne3ZF1va15495pd74eH"
.tapad.com/	1970-01-21 02:43:59	Name: TapAd_3WAY_SYNCS Value:
.rubiconproject.com/	1970-01-21 10:03:11	Name: audit_p Value: 1\|WD0cx+9RTMLdxawLT5xK3dQsTMtKIwatCHeurum2pjKmrQqLaAw352/Oio59GgTuvXbgdwJeoVfggJ3pD4CYmwAJUqDOzhHS+WbVps3Kg00JrHenJgWdLQ==
.rubiconproject.com/	1970-01-21 10:03:11	Name: audit Value: 1\|WD0cx+9RTMLdxawLT5xK3dQsTMtKIwatCHeurum2pjKmrQqLaAw352/Oio59GgTuvXbgdwJeoVfggJ3pD4CYmwAJUqDOzhHS+WbVps3Kg00JrHenJgWdLQ==
.amazon-adsystem.com/	1970-01-21 06:30:04	Name: ad-id Value: A87xV7AufUmihaAsJQDTm9E\|t
.ipredictive.com/	1970-01-21 10:03:11	Name: cu Value: b5d168f8-e4d7-4ccc-9166-5bba69d44c55\|1732655648087

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://paddyofegans.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3j-ws51os.woff2?v=2.85' from origin 'https://paddyofegans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3j-ws51os.woff2?v=2.85 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://paddyofegans.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3t-4s51os.woff2?v=2.85' from origin 'https://paddyofegans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3t-4s51os.woff2?v=2.85 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://paddyofegans.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3_-gs51os.woff2?v=2.85' from origin 'https://paddyofegans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3_-gs51os.woff2?v=2.85 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://paddyofegans.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff2' from origin 'https://paddyofegans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://paddyofegans.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff' from origin 'https://paddyofegans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://delivery.r2b2.io/js/7.24.0/online/public/bundle.6b7b9433e47f9a4bfe93.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://paddyofegans.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.ttf' from origin 'https://paddyofegans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://mweb-hb.presage.io/api/header-bidding-request Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://cengineapi.contextads.live/client?url=https%3A%2F%2Fpaddyofegans.com%2F&device=desktop&product=cads Message: Failed to load resource: the server responded with a status of 406 ()
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
rendering	warning	URL: https://paddyofegans.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E01C001C3A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security	warning	URL: https://rumcdn.geoedge.be/67ce64f4-66b0-4b66-b891-5a288dd77eb0/grumi-ip.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://paddyofegans.com/favicon-32x32.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paddyofegans.com/favicon-16x16.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paddyofegans.com/favicon-48x48.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paddyofegans.com/favicon-96x96.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paddyofegans.com/favicon-144x144.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paddyofegans.com/favicon-192x192.png Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://paddyofegans.com/ Message: The resource https://i4.ytimg.com/vi/3DOGTFjTGFg/hqdefault.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0149f852a20148c48665bbfb5d8cb3f1.safeframe.googlesyndication.com
022d54c880901c78833bc7e5a486d0b8.safeframe.googlesyndication.com
0895f0aa2c467178304330755a52a8b5.safeframe.googlesyndication.com
124e66e75d2bbd3ab7884a0aaef82fd2.safeframe.googlesyndication.com
258900d3f0256004d783bfc403da5710.safeframe.googlesyndication.com
488e4f192ad925b4a575ad2fc52cc3d3.safeframe.googlesyndication.com
523d35f3b6d84a8f23c17db7b4f92b4b.safeframe.googlesyndication.com
711849abfba5b159000eb2dbe19c976f.safeframe.googlesyndication.com
79c873eb841a3c001651f4050b696596.safeframe.googlesyndication.com
8eae539367dce3dd3a72a46447c5a1ba.safeframe.googlesyndication.com
a298434c674fa411777e4938d023c5f6.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.tokopedia.com
acdn.adnxs.com
adasia-d.openx.net
ads.pubmatic.com
advertnative.com
ajax.googleapis.com
anymind360.com
api-rengine-stg.viva.id
api.popin.cc
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c.mgid.com
c1.adform.net
c3b1732374ca94e347ee8dc574bf7695.safeframe.googlesyndication.com
cdn.contextads.live
cdn.izooto.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.prod.uidapi.com
cdn.taboola.com
ced-ns.sascdn.com
ced.sascdn.com
cengineapi.contextads.live
click.advertnative.com
config.aps.amazon-adsystem.com
cpt.geniee.jp
creative-p.undertone.com
cs.admanmedia.com
data-rengine.viva.co.id
delivery.r2b2.io
dis.criteo.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fzgrpqktmq.com
genieeintl-d.openx.net
geo.dailymotion.com
grid-bidder.criteo.com
gum.criteo.com
hb.360yield.com
hb.adscale.de
i.postimg.cc
i4.ytimg.com
ib.adnxs.com
js.adscale.de
js.content-rec.com
jsc.mgid.com
k.clarity.ms
log.outbrainimg.com
match.adsrvr.org
match.prod.bidr.io
mcdp-wndc1.outbrain.com
micro.rubiconproject.com
ms-cookie-sync.presage.io
mug.criteo.com
mv.outbrain.com
mweb-hb.presage.io
onetag-sys.com
openbid.pubmatic.com
pa.openx.net
paddyofegans.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pebed.dm-event.net
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.ad.smaato.net
prg-apac.smartadserver.com
r2b2-apac.adnxs.com
rtb-csync.smartadserver.com
rtb.openx.net
rumcdn.geoedge.be
scripts.jixie.media
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
shb.richaudience.com
sso.thevivanetworks.com
ssp-sync.criteo.com
static.criteo.net
sync-tm.everesttech.net
sync.adotmob.com
sync.richaudience.com
sync6.im-apps.net
tcheck.outbrainimg.com
td.doubleclick.net
tokojelly.xyz
topics.authorizedvault.com
track.us.org
traid.jixie.io
widget-pixels.outbrain.com
widgets.outbrain.com
www.clarity.ms
www.google.com
www.viva.co.id
www18.smartadserver.com
x.bidswitch.net
yads.c.yimg.jp
aax-eu.amazon-adsystem.com
ads.pubmatic.com
cdn.contextads.live
ep1.adtrafficquality.google
ep2.adtrafficquality.google
hb.adscale.de
paddyofegans.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
r2b2-apac.adnxs.com
sync.richaudience.com
traid.jixie.io
www.google.com
www.viva.co.id
103.253.24.61
103.43.90.149
103.43.90.179
104.19.129.76
104.238.220.6
119.63.193.220
13.200.1.252
13.249.153.39
131.153.206.100
131.153.206.102
133.186.12.49
139.99.126.163
139.99.126.164
142.250.196.130
142.250.196.98
142.251.42.196
15.168.174.130
151.101.1.55
151.101.129.44
151.101.195.52
151.101.3.52
151.101.65.108
151.101.66.132
151.101.66.49
163.181.129.201
172.175.38.6
172.179.183.128
172.67.135.246
172.67.140.193
172.67.189.45
172.67.21.210
172.67.68.240
18.65.100.35
18.65.154.135
182.161.74.11
182.161.74.16
182.22.16.251
184.27.209.254
185.184.8.90
185.59.208.177
185.84.60.20
188.65.124.59
192.229.237.180
207.65.34.79
23.106.127.161
23.106.127.34
23.106.50.39
23.2.37.82
23.32.224.239
23.32.225.140
23.33.32.129
23.51.131.10
23.52.168.23
2404:6800:4004:80c::2001
2404:6800:4004:820::200e
2404:6800:4004:822::200a
2404:6800:4004:823::2002
2404:6800:4004:825::2001
2406:2600:4::1
2406:2600:4::12
2406:2600:4::2c
2406:2600:4::b
2406:2600:4::c
2600:140b:400::172d:33d9
2600:9000:2047:9400:1:420f:ab00:93a1
2600:9000:2047:a800:10:b8e:a980:93a1
2600:9000:2218:a600:4:b37b:9440:93a1
2600:9000:221d:9800:f:4f64:8940:93a1
2600:9000:26a9:6c00:a:e047:754:f4a1
2606:4700::6810:8041
2606:4700::6810:ff40
2620:1ec:bdf::46
2620:1ec:c11::237
2a02:6ea0:d300::33
2a04:4e42:200::485
3.163.218.21
34.1.195.200
34.36.214.49
34.98.64.218
35.156.62.221
35.213.7.90
35.227.252.103
35.71.131.137
43.129.34.52
45.137.176.88
46.4.218.122
51.79.154.29
52.196.7.28
52.231.230.148
54.249.189.79
64.120.110.137
65.0.226.243
69.173.158.65
69.173.158.92
74.214.196.131
80.77.87.161
01bd8dcd3f61f1438b9ba8f843becef83654f348f8b8ac1615afafdedf9c6a40
045838b85586d86b92e5fc283b5860f674ea570dd820d1298f3b6fc3b1d21415
061f5690b7e72017c3d342e199fe828105e68dc1e358ed13bb704a9121b5fc7a
0690cdb8cabe8c505724d88b23d74064a3e7032dfae6fb8f5f748a91813c08b0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f4b9aed040f5fced1d658a8f4dec96ed90424558ff433c169b583aca0a9c9b
083c6b672b316f3a046bde98a0c176f0cb3584534b3e74904cb32b0ca1f226df
0bd7e38fa131eefd39c6cde5d57033885ea634641cac32ee964fb56eeb3fc636
0e139380dd2c09212a6030d38c32a2fb679c3203181052241e25fa34513d1899
0e40fbdfb7a492514bea027d03dcf78a40d3dea6500413a79aa85df804aa549c
0e52f4ec0cf643b8c59da7d18ac189447d5c5eb1e127dcf0fca48f2ede840db3
0edb44addee932f385b574cbb74236e48f5132344f6ff73a6961ed78390aea08
119b8cfd9e92a16c0010266291c977994af672c7aa80ed2c4a33c0e1e8848585
1431dd7ff023b4fa93cb835f91e3adfe780e5c1bdcfaf984a73f6c1a9c9e8389
18dc789f2bad7f30369899fd861232ba5cefe0e97d9851bac4dfa4f930dfdf4a
195f79d24a870e61cf1a315744117e31656cd898bcaa3392d80cd72b449af656
197e9bb0f9f3a4ffd839cd317a7069237f2063571dc5555a169683422b04f25d
19a2c3304531b50550fa9626f5387557cb2c8b6014eba624ef22e485416280ce
1b8e6dbb3d4656f18c5b50c7da8f863ce8677bcf66ef7e4032178e4f90c603a9
1cd9396d5168a107731760e10db796f6a7aa3d24ca386e6895cbdac7abf052cf
1d8d74554f2f341a5e947319730a585096a9ca40f9bb1061b75dcf2c5c3385fe
1e84ea1595ae336d42aa95123c16585099b126008768a993d1b48aba91b5c891
1ed30a08f678fc876f1768744378a70ffa5d63100a3177428a1c6d5c9ef172f6
1f04d2504027f2dc825a14e606e9b4b6edf012bf94b4bd18f43aedf209b57d50
1fb6b8cd8d1e887bd714862d4711d08bf8a280ce06414cfab848bbadf4cd1f5e
1fef9ba15f338c524b74e773f3b7fd4fde6635f7041582b911d0aaf25f13309a
23a7a772f258be3aec21ea1617a951c1f8a8867c69f446740826d0f6709b2129
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26ba9e82aa0e5f921153ece4fdb4ac3dda4d14e5583af7d694b35c7fef5d5c9d
273057259a519b357ba80d39e6d9494c10a6e34fa2f32521027632311cd1c32d
2aeabedf81a09caa32835518eef0cad17d2e8e3ac58e1898e72b665cd1c371c8
2af13d01e84f02dbf639ade1e6fe16464763b30660aadb5d89525cd3066c8546
2e6f61b601048c47236663abddd0117acc51b91b7796e8de4dc0e6cc423418bb
2ebed5842b2d65b31b69a4176986f54c7997f20f902134a5dc4ea29ef4dcdc82
30116cde2669653a67274caf3afa4717fa7074aa6c8b9db7f4048723f98f2b38
326d3ca73f150a2ffc51fef708885bd7198bd9120d3690ed38544da7b023bd7d
331b630c02c679387d8ad27d215690e546ce696be367b6b0c386a9c2e6285c7a
3635f7f326b9ba59aa28a435a0845e6e2a2e93578aae6c2abf454e0096004b73
36fbee1e12169a5af2b7d16da2cd8af67339ba34f7e6db358e2328b13e2ce102
3723dbd5db50ef5b2304a07b2012f7af1259d813f30c29714ef6fe4781e7a531
3899e9e56c442324cd90be0bb8db62ec0ef2e8e853de8518e63186a3822ff28d
3b6365915c2f81b09abd7b3749f5e61e3d65451800201413827014728932ffc9
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670
3c958c27c30ca5cb798719c52355a13ea7abcac9bc3b4d6f20fcdb8841eae4da
3d2606c09d798d3b7a1582e079804e4e5488fbb14d4e312664a1adcfebd112e8
42320209450988feacdafe4ae776d99717419eb11a69133e90b7b8caf6bda121
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47d6cf8be68847551bef6fec32605b0cd9bb296c0cdf282c6580b63fcba77154
4810b8d81284695b488aa86277d3e08f3e4ef1f920a516beb2e768843f707162
49821ff86d7c7a501316e75f5d7b1a0247d2dba9fc209a9221451d784bce7f19
4a2bfab16edf4d89800782d6414b98e4d71260d3b39d352586e551dc8f708a3f
4c25763c777e259235f4e23bd621cc39dedc55faaeba4444f7d7711cc9da36a2
4c42526f8a9ad1fd7555b693e73b0e257d10244f41fa34303b47db3c5d8ef8d9
4c442a2bcf874e0fc722993b45bb631e51ea585307748d4adacaea630631202e
4dd9a4397ee301f4bf6edf04482a581c583536b2d1fa82dc70600598b4755f10
4e16f5fa2706f39dfa3fe3cb1a85e0a763d1f8a14515a7a84e99f915fe404954
4f6ee0f7bf816084278b1799fbf5a1916cc3054785ea76d7e8c2dde88db44c0e
52186228098ee37f0a8c59ae4fc724901f8caca245e9622610e317e4b019457a
52aba0a0ae3870e9dfb83eb4017c1b2eaa853dea094e9961cb99d0e1a188bc2e
52f5eba066acb06ee1fcc174c92f6b0e0e2fbf04fcfc6272c8d50ade7e92e8ec
5608e528fba224b2aac12b4533d56f744555d9d1cf044a3ab0453edd332c11fe
5646e62d6808b7325b68722ba8bc9c8b31684ff4929e920a1f4b7b8b6658f66c
57791b16a202f661684de6f2653dcdbc564caa178d9bfcc3d8555118b6269760
579735b18b6f2fb2876b8504462522781b75dc81473c46dc58a6d469efbaca0a
579d84eefe1448dd6eb43d22fd3a8ee54aa21867c1f7604d08bef1251e4a568f
5b5c8da3805d9d11c3d3c7bfe3aa7906285fdb7ef1a7f18a11ed5953e6baa66a
5cd78e7d225f3516a3530ef8044df661d4431d9990b3f53d579005a4afb217e9
5d7be6f59fe99ff493b48c1ff9bb7cad6d8d13b5abf62a009e8f08fb07ad45d2
5e26deda781c7f90d076ae7dd7224f198fbaa638a8558351d16998cf8d19c026
5edf849f5f1cec616ec21c058bf501b3287185ccfe4375a35649763d371c7812
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6140a514714dc6a999613e4083bdab165775b52a39e8ad800f0129e536a8d160
61ee5fef28d2e392ccbacd1a2f0f3a3f54b898e024c234ddbd35d0a0045c51dd
62991453b120bf813af5fb5480859bd77cf3c8b5a3aa1b69b94c45bf418954b8
62e9a2d90981412507e62bb2d22400a41d76d187fbc81f702f9bed24fa77922d
63ce28a6a9a33b78c0e3f5ec191fff6314038d1c49889d67ee3018bcd64b8d97
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
679200d4f85b43c2bb416009d7af328f911bf6f55ec077baea8c2a5e7fb166bf
6a055f0efa5fff6c762484d52fe1774db8b5a963c750220a233d3a6c75f84224
708a8077fa186892d91cc20cbe1a979c625ffebbd354e37b1df612dd23664ebd
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71fd4cf6fa2ca8cdb38b91a10abb4d45a4dc5f91c56f0cb3d670ccc5b1e7bd44
73c9826149fbc179a44b956c2786961340734aa6cdc1dc3c160d342c17cdc0bf
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7461269a772933886deeb7f2681d2a50e870cdd52ee7631bbab897db3438ecdd
7527ca0fcdbd5330c52837734fa79bd8e0638ea08d83f6ee980badba9571c1ae
76098890aa9c07f04a65c8b8611cfc2abafde4a13d11d76d8cc8bd38d592e816
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a9ce12caa7711c118b895afea409ac2364c1bbebbac564aad00c0888021f9a8
7b2452d9d547bc1cd220699aff6b3e050e5b9d3b6e4d3e28ce9f020c8098ee82
7d86937a158a8feae1eb3e3a71f66e16c245f74467b765464b1b782a290687f7
808017caa663b06be775557aa150a78f82c5570d5ad682c4fd6fd9fdfcb7c67f
8167d5ab20163d258f8898f332c1bb28b4e18a5166ce57fbf955e725dd37439d
821c1c64f99ec314ce0d4b557ce5b2465f44d4f2798e64af7908a17d49b86c64
836609f7382201c8ab41d229e67f5c1c911576caa23017e9fa441a2724152896
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85fc9d5de7a76ff51e5561182705a1896af5a561fb3b99dfe2f3ceda7707d125
8600f274e0ea725ea9cd1b51edc978fff752395a800a00138cc4eb1eed295164
89b4a8e04bfd713dbc1390064d3c144b049aa454d8263481d05651e4951ca25b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a05260a66955e8bf718069b2618e4c533932f99f42360140bb785d1c8dfaa2f
8b33ba930beeefa30ecceffb521fc61d48d6f533d2004415195eab682dc07050
8b64d0e7aba46a94cfe25ce238945742d8bca02db181f2b29cb89b950fe30669
8e3242e4d38c7e2679cb0b2c107a03be5bcaefbc6a12df662d9cda1e182600dc
8eb8d561b2af70e27b34fc94cfdf0bd734ac464fd245267c305c75d5dcbc2c1d
8ef03aa2821420856419cdecde8ffd2a6e1b78e6a16b3009bae7b9b64079d15d
8f8c21b41a2752e07384e694c93706a81775d53ba0033fcb35545f396cc37add
8f9fb965aba36fce47193b875d52483910dcc233aba8d80fe873779aaa458de5
918ab98299ed3e657af5f5d5d625f8480d1592ae2bc9d05bc623c5dc27332411
920a7c4de2e2bbb157365aaa62c4e6c170b503bf960ca46eabc28ac93bb37256
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94ded7db412385b9e12b1943ce44b491961c6594db3e77e484f52ae8e040a44d
95916e3c376c55b7d1540b54af0e8cd45d764de4a50a3993687e268b0a0c69d4
97b23944412235f5fed2e7054f35851203cccdc9438c37de62845ce8a582efbd
997b4c667a087650b5d478cced3909e5ff2447d46e8a1c44cb41d6cb95c7502e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f94b5e179c32e6a375c7df32c224fad6786034ca17f29c276e17ec21a55668
9d0d7fb17d15de0f1660c969421465f9274e3de25f31947fd5a82811666e04fd
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a571605e34597742b2e316f4d25828053eb2e841413ba6cf8ae58a487b692c7d
a67d9e9e9338d73bd1575e3f219948a095b8b97fb3554311b28653b01f889afb
a89306d44791afa482b05eca81136304a9b63e0b2be0967b2cda0a3f64af5df0
a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acbb301b1aa6571b9833e81a8cb088797d66155893ce02093f751f345d956206
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af005746e99b6b5e3721759fc55588fddcb000a054990ad799ea309adffa5a04
af1c96930872ef7bd98415af1b1871b85d99688893990adb4be584af0f72af6c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21ff791cd4707c26603327e2c2467b38ef48bf0af02c9d92730908c9a7dcde4
b36cbc26fff216753d23ddb64c13cc99dcd0aadf165faac09185ffe97964c345
b3df88dd1ca48b06286060417c08940fad65cfd74d3720221d7635537c701605
b449bbf84168dd9d957e44708e79703e21d9cf8bda1333169a6d7eb8525f609a
b51348dd72cd443ce9226af2878a89ded9ccef65b28e0221a8e26af937ef2724
b5243d74b256db276e67b1c4b152af430f1f235c248c71a9c781858676174712
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b7b2adf8cd9d70a6c1264232c5ecb7ea9d2a989e38834481c364fd91869dd968
b7c7ee513f1f4e3f302811198a415bd2c3db3526892c5fbeb75eb1b3ef477004
b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
b9fa211ae08032eed28cc81798fcdb9ea315f57c827b8e7e003bb7843157bb3a
bde4c886e89be6e665305b4d83f2932800ce6889429166c6c38cae3da651292d
bdf60e2359d50891838d3415e1f67c9ad5a8456bc653c5685eb25d9f83df8430
be2538b4cc7a24872e2d4b15b4e0848f03bef80066ea8ca278ebe7b21aac48e0
be3ce27aecff1097ed5af3844c9d06af60eeea861645a2b5a06a88d2d76133ee
bed8d5f6ff0c7dd595b50e0d158e24b9920ca10b1744d15bdcf28688a8b00646
bf8cfa06c78d1b9b145322f73be40e48199dc5dbf391e4d55a8c267a4f13b4b3
c290582c983f1ef5467109295dc614860386964d58698efeed84a33b9159ab26
c2b215356659df270766ba263e9009d9dbbccf6da53a9ae645b40e15f66c6aaa
c2cc8efbcd5a3597dde376a162b5cfed0d3fe5b35d36c0b004289245872bdf61
c42635bf22941628df3170bcd65c32130a2e57a3d0e236902f43150f15edfb1e
c48b3ea62716a485b054d83771276f69dfab80d53009dd347d9b49f2e4b7ae65
c4f8c51ea1251511dd5eb30a5f491759ee90968ac38eac3f59dcdb5620f5e60a
c523ad1b1cc5f13be226e0075e7b98bc719d85314aa1e9e5ad843dfc4b96bb3b
c898e6c17b6d36c822386603c83c4f6cb56481fdbaee31d9edfc34a70df6c06c
c8cd0945166d683e390b543c8c5c8ecce33f7119ff5835bc2446b36bd10b74a6
cc050811a0094195e8e37f5bc2c15573d781be915efc38919a78c8d83caecb58
cc572e35bf38de1f32a49b3c7037db837c19a9f8649fb9de3fe9c96a5a76009e
cde8b6a5f5fb1895f68d6fcc846070360a5ee4c391ed0d2c8696c9ff795d9c57
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff4b7b64f17b817c98df04b453c976d45b5c0d14a6f13665c526eda2346d017
d00ab33f6c576c5e36dbb9b17b106daecfc4968dd26bfc5de61ae48f52765158
d1a435737d207bb8a6286f7cc55eeaee8268ac83b3b94e3b3c5115b0952ac8e6
d28f242b8e512a757c7b579119f3ad6eca1af24f013dfb6b9887f9af8dcd897d
d489b05b1b921c5843ee5c59ca5e49cf9e9a4a551f3b89db68e5c3e80437b878
d50241eb01f1a558d4291b0a3b576a2904fe8f6add1599a4c9172ab8897c1033
d5e62fff7eaf370fbed188432f6ea7cfb63ca0ee68a91a7ee86c8befc180c77b
d65426fa7754d57f738550542301db572a825d92eb264e9c1c9a85b40df2d468
d68741fa7391792ece329749d6a2f2621a22e6cd5d32a35995ddb2839cb2793b
d8a8b2593298285e71e198536b28ae3dd80ff119782a10a6f5bc9c98f6a90cd3
db787c2c73ad2f3be8bffc511bae84670c56adf3dfed13bd33c3a03624b365bc
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
dd0c6bfc24e3ae1b4757c1d7b1cdaaef4e185f771279983524fa5d5a65579cc7
e147a75b08439cda03886851d5de1d5b5d7163b13ae8f638697f2dc4489cf572
e29dcde844b6d66ec6151e53486a87d44d82c819bbc43c178ad08a34eb1e1b92
e2cb916303431f6fca1769b804ef807d6dbf0bc63b4f4117ccc538d77c78a5ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c51c44d98e56e70bfdd2a2a9fe73171015812ac7cdb4ce599b66f92b8fde1
e504f36e9c0aa264956f6d46e49fc7a6ed7f118529e286412f13a9a4225c0c87
e579cdf4d7652ca013120fa529cea04864bb4e0d120afb716a5fa6fb3ef01517
e5fdf55811d35f693f9b36cb154943ebed52a607dba3e47b7841092d3c2ac92a
e662e79fe56f239788e49aee2a9804b11f57cace615943dc6953edeee1d2f2d2
e8a1366618012b338623a64297e330fc920a50c59d17776758341ed9e52f13b3
eab9b5898ef60613d8c1ad893d2e8f58083910374eaa2462f0a1c146fa250cb0
eb8a18c337c3710d459aef28c0d4942069eab765bf4fe8e5f0e3a8a9530c97fc
efd34c830d1191562765ac8319c6b20522b276dbe4d01cf9570d2fed97358ef2
f1f249590152335f7f5b5985558d6093e27624bb3198b0ef712294c89306ddd4
f42f8bb439bceb4ef395118f2d81a8cf454fdd013fac6f187ec3ea5f9c70943f
f50921b4bb2395bd54fead36e59b0178fa9a670908b62d0dd6c42e93ccd817b8
f74b05e616a39a7b047b9961fd961f79502cca71d36ded5e12e4d29e60f9287f
f7762cdba021a747f751b3e765df1828eebbaa96b5c7fd6b950bd39ee582c363
faf6f9c8ccfc463d9808bda5efb26ece37498c3cd0a73f737883c23646fdd0ce
fb7907cec135f0e9ec513cdb19f31a581752984e0eb2166150b5f23ea10fe835
fb797f6a1bf5afea405b836d26ed891f66331cd929db748fd6590f31c9646a27
fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0
fcd770e2cb9546ed1ab2b570a67ce45ba388bee12ab2f031c1824353cbefd3e1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

paddyofegans.com Open in urlscan Pro 15.168.174.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

462 Requests

88 %HTTPS

23 %IPv6

66 Domains

117 Subdomains

89 IPs

13 Countries

3431 kBTransfer

15933 kBSize

121 Cookies

15 Outgoing links

Redirected requests

462 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paddyofegans.com Open in urlscan Pro
15.168.174.130 Public Scan

Screenshot
Live screenshot

Full Image

462
Requests

88 %
HTTPS

23 %
IPv6

66
Domains

117
Subdomains

89
IPs

13
Countries

3431 kB
Transfer

15933 kB
Size

121
Cookies

462 HTTP transactions
0 data transactions