urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
89.35.29.15  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/o3zyl3g7
Submission: On February 28 via manual from RU — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 10 countries across 104 domains to perform 409 HTTP transactions. The main IP is 89.35.29.15, located in London, United Kingdom and belongs to BANDWIDTH-AS, GB. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 128169.
TLS certificate: Issued by R3 on January 31st 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 89.35.29.15 25369 (BANDWIDTH-AS)
2 2404:6800:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 208.95.112.2 53334 (TUT-AS)
23 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
14 13.250.192.86 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 54.64.5.129 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 185.106.140.18 7979 (SERVERS-COM)
1 145.40.73.4 54825 (PACKET)
4 8 104.254.148.251 29990 (ASN-APPNEX)
11 18.159.227.187 16509 (AMAZON-02)
3 203.195.121.141 7979 (SERVERS-COM)
2 2404:6800:400... 15169 (GOOGLE)
36 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
21 2404:6800:400... 15169 (GOOGLE)
4 2406:2600:4::13 55569 (CRITEO-AS...)
4 2406:2600:7:1... 55569 (CRITEO-AS...)
3 2406:2000:e4:... 56173 (YAHOO-SG3...)
3 52.220.128.212 16509 (AMAZON-02)
14 37 52.74.162.2 16509 (AMAZON-02)
11 2406:2000:98:... 38032 (YAHOO-HK2...)
24 2406:2600:7:1... 55569 (CRITEO-AS...)
4 182.161.73.132 55569 (CRITEO-AS...)
3 74.125.24.149 15169 (GOOGLE)
6 2406:2600:7:1... 55569 (CRITEO-AS...)
6 172.253.118.155 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
1 1 2406:2600:7:1... 55569 (CRITEO-AS...)
1 3 182.161.73.146 55569 (CRITEO-AS...)
1 2 185.184.8.90 204995 (RTB-HOUSE...)
1 11 2406:da18:929... 16509 (AMAZON-02)
2 2 2620:116:800e... 16509 (AMAZON-02)
7 7 35.213.12.39 15169 (GOOGLE)
2 2 124.146.215.50 2514 (INFOSPHER...)
4 4 103.229.206.240 30419 (MEDIAMATH...)
1 52.221.14.40 16509 (AMAZON-02)
11 12 74.125.24.154 15169 (GOOGLE)
1 2 2620:1ec:c11:... 8068 (MICROSOFT...)
8 8 52.223.40.198 16509 (AMAZON-02)
5 10 103.231.98.197 62713 (AS-PUBMATIC)
7 14 103.231.98.194 62713 (AS-PUBMATIC)
1 2 67.199.150.85 62713 (AS-PUBMATIC)
4 18 139.5.84.243 27381 (CASALE-MEDIA)
2 5 185.84.60.29 198622 (ADFORM)
7 9 35.71.178.8 16509 (AMAZON-02)
4 4 63.251.14.14 14744 (INTERNAP-...)
4 4 35.244.159.8 15169 (GOOGLE)
2 2 69.173.158.64 26667 (RUBICONPR...)
2 2 52.220.85.221 16509 (AMAZON-02)
2 8 184.51.136.24 16625 (AKAMAI-AS)
2 2 52.220.243.118 16509 (AMAZON-02)
6 184.51.241.105 16625 (AKAMAI-AS)
1 2 52.46.130.91 ()
3 3 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 104.254.150.241 ()
2 2 13.115.235.137 16509 (AMAZON-02)
2 2 151.101.130.49 54113 (FASTLY)
2 3 34.124.209.251 396982 (GOOGLE-CL...)
1 96.17.189.202 16625 (AKAMAI-AS)
1 2600:9000:21e... 16509 (AMAZON-02)
2 2600:1f18:e8a... ()
5 66.225.223.95 ()
1 199.232.46.132 ()
1 2 13.250.187.106 ()
1 23.223.18.115 ()
1 44.225.201.131 ()
1 54.192.18.100 ()
6 7 18.141.109.184 ()
1 1 18.142.65.187 ()
3 3 122.248.250.113 ()
1 1 2001:df2:a300... ()
1 13.228.34.179 ()
1 2400:52e0:150... ()
1 3 2406:2600:7:1... ()
1 2606:4700:303... ()
2 182.161.73.136 ()
1 184.51.240.199 ()
1 2606:4700:303... ()
1 1 23.41.65.80 ()
2 23.75.85.227 ()
2 184.51.240.213 ()
2 96.17.188.24 ()
1 67.199.150.81 ()
1 1 18.138.18.111 ()
1 1 172.104.45.159 ()
1 1 52.220.229.2 ()
1 2 35.186.193.173 ()
4 4 145.40.73.5 ()
2 2 2a02:fa8:c411... ()
409 77
12    89.35.29.15 (London, United Kingdom)

ASN25369 (BANDWIDTH-AS, GB)
PTR: 15.29.35.89.baremetal.zare.com
pastelink.net
2    2404:6800:4003:c0f::5f (Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2606:4700:3035::6815:5d0e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adligature.com
2    2404:6800:4003:c04::67 (Singapore)

ASN15169 (GOOGLE, US)
www.google.com
2    2404:6800:4003:c06::61 (Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2404:6800:4003:c05::5e (Singapore)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2404:6800:4003:c11::5e (Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    208.95.112.2 (United States)

ASN53334 (TUT-AS, US)
pro.ip-api.com
23    2404:6800:4003:c03::9b (Singapore)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2404:6800:4003:c05::66 (Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
14    13.250.192.86 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    54.64.5.129 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-5-129.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
1    145.40.73.4 (Queenstown Estate, Singapore)

ASN54825 (PACKET, US)
tag.1rx.io
8    104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
11    18.159.227.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
d.vidoomy.com
a-prebid.vidoomy.com
a.vidoomy.com
3    203.195.121.141 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    2404:6800:4003:c04::9d (Singapore)

ASN15169 (GOOGLE, US)
adservice.google.com.sg
adservice.google.com
36    2404:6800:4003:c04::9a (Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
5    2404:6800:4003:c0f::84 (Singapore)

ASN15169 (GOOGLE, US)
3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
21    2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
4    2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
3    2406:2000:e4:1409::2000 (Taiwan)

ASN56173 (YAHOO-SG3 internet content provider, SG)
pn.ybp.yahoo.com
3    52.220.128.212 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-128-212.ap-southeast-1.compute.amazonaws.com
prod-m-node-2113.ssp.yahoo.com
37    52.74.162.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
service.idsync.analytics.yahoo.com
ups.analytics.yahoo.com
11    2406:2000:98:800::e6 (Taiwan)

ASN38032 (YAHOO-HK2-AP internet content provider, HK)
cdn.js7k.com
s.yimg.com
beap-bc.yahoo.com
24    2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
4    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
3    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
ad.doubleclick.net
6    2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
6    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
googleads4.g.doubleclick.net
3    2404:6800:4003:c11::95 (Singapore)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2406:2600:7:100::10 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ssp-sync.criteo.com
3    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
11    2406:da18:929:5a01:aca1:9a76:84d1:4d91 (Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2620:116:800e:21:6c50:dbee:bef5:203d (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
7    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    52.221.14.40 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-14-40.ap-southeast-1.compute.amazonaws.com
onevideosync.uplynk.com
12    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
cm.g.doubleclick.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
8    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
10    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
14    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    67.199.150.85 (Singapore)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
18    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    185.84.60.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
4    63.251.14.14 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.220.85.221 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-85-221.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
8    184.51.136.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-136-24.deploy.static.akamaitechnologies.com
contextual.media.net
2    52.220.243.118 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-243-118.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
6    184.51.241.105 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-241-105.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
2    52.46.130.91 (None, )

ASN- ()
s.amazon-adsystem.com
3    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    104.254.150.241 (None, )

ASN- ()
secure.adnxs.com
2    13.115.235.137 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-235-137.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    34.124.209.251 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
1    96.17.189.202 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-189-202.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    2600:9000:21e1:4200:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
2    2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (None, )

ASN- ()
flint.defybrick.com
5    66.225.223.95 (None, )

ASN- ()
log.outbrainimg.com
sync.outbrain.com
1    199.232.46.132 (None, )

ASN- ()
odb.outbrain.com
2    13.250.187.106 (None, )

ASN- ()
dpm.demdex.net
1    23.223.18.115 (None, )

ASN- ()
sync-jp.im-apps.net
1    44.225.201.131 (None, )

ASN- ()
beacon.krxd.net
1    54.192.18.100 (None, )

ASN- ()
aa.agkn.com
7    18.141.109.184 (None, )

ASN- ()
ps.eyeota.net
1    18.142.65.187 (None, )

ASN- ()
i.w55c.net
3    122.248.250.113 (None, )

ASN- ()
pm.w55c.net
1    2001:df2:a300:bbbb::136 (None, )

ASN- ()
d.turn.com
1    13.228.34.179 (None, )

ASN- ()
sync.crwdcntrl.net
1    2400:52e0:1500::868:1 (None, )

ASN- ()
cheqzone.b-cdn.net
3    2406:2600:7:100::9 (None, )

ASN- ()
gum.criteo.com
1    2606:4700:3037::ac43:9a47 (None, )

ASN- ()
id.a-mx.com
2    182.161.73.136 (None, )

ASN- ()
mug.criteo.com
1    184.51.240.199 (None, )

ASN- ()
acdn.adnxs.com
1    2606:4700:3031::6815:5dd2 (None, )

ASN- ()
adxbid.info
1    23.41.65.80 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    23.75.85.227 (None, )

ASN- ()
eus.rubiconproject.com
2    184.51.240.213 (None, )

ASN- ()
ads.pubmatic.com
2    96.17.188.24 (None, )

ASN- ()
cs.media.net
1    67.199.150.81 (None, )

ASN- ()
image6.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    172.104.45.159 (None, )

ASN- ()
gocm.c.appier.net
1    52.220.229.2 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
2    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
4    145.40.73.5 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    2a02:fa8:c411:12::1080 (None, )

ASN- ()
pubmatic-match.dotomi.com
Apex Domain
Subdomains		 Transfer
70 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 834
pn.ybp.yahoo.com — Cisco Umbrella Rank: 1034
prod-m-node-2113.ssp.yahoo.com — Cisco Umbrella Rank: 62680
service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 919
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
beap-bc.yahoo.com — Cisco Umbrella Rank: 780
47 KB
45 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
235 KB
44 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
ad.doubleclick.net — Cisco Umbrella Rank: 171
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
319 KB
30 criteo.net
static.criteo.net — Cisco Umbrella Rank: 625
csm.as.criteo.net — Cisco Umbrella Rank: 14296
186 KB
29 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 623
image2.pubmatic.com — Cisco Umbrella Rank: 846
image4.pubmatic.com — Cisco Umbrella Rank: 938
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
34 KB
21 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 18072
ads.as.criteo.com — Cisco Umbrella Rank: 14011
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 14518
ssp-sync.criteo.com — Cisco Umbrella Rank: 934
dis.criteo.com — Cisco Umbrella Rank: 686
gum.criteo.com
mug.criteo.com
82 KB
18 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
15 KB
17 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
620 KB
12 pastelink.net
pastelink.net — Cisco Umbrella Rank: 128169
219 KB
11 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 10532
a-prebid.vidoomy.com
a.vidoomy.com
3 KB
11 media.net
prebid.media.net — Cisco Umbrella Rank: 1219
contextual.media.net — Cisco Umbrella Rank: 563
cs.media.net
18 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
secure.adnxs.com
acdn.adnxs.com
27 KB
9 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1404
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3312
odb.outbrain.com
sync.outbrain.com Failed
83 KB
9 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 338
3 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
4 KB
7 eyeota.net
ps.eyeota.net
4 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
4 KB
7 adligature.com
cdn.adligature.com — Cisco Umbrella Rank: 64878
172 KB
6 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 891
91 KB
5 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
pixel-us-east.rubiconproject.com Failed
secure-assets.rubiconproject.com
eus.rubiconproject.com
12 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
cm.adform.net Failed
2 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
205 KB
4 w55c.net
i.w55c.net
pm.w55c.net
3 KB
4 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 9335
log.outbrainimg.com
1 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
d.turn.com
2 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 422
746 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 589
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
2 KB
4 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1349
sync.1rx.io
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 9500
flint.defybrick.com
22 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 730
1 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
222 KB
3 yimg.com
s.yimg.com — Cisco Umbrella Rank: 466
96 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1528
cache.betweendigital.com Failed
2 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1886
mp.4dex.io — Cisco Umbrella Rank: 2011
25 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 73
2 KB
2 dotomi.com
pubmatic-match.dotomi.com
744 B
2 ctnsnet.com
ipac.ctnsnet.com
673 B
2 demdex.net
dpm.demdex.net
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 591
641 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
483 B
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 645
887 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 237
841 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 958
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 654
920 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 535
706 B
2 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 8596
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
144 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
2 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
527 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com
642 B
1 appier.net
gocm.c.appier.net
396 B
1 ambientdsp.com
cm.ambientdsp.com
653 B
1 adxbid.info
adxbid.info
3 KB
1 a-mx.com
id.a-mx.com
784 B
1 b-cdn.net
cheqzone.b-cdn.net
5 KB
1 crwdcntrl.net
sync.crwdcntrl.net
270 B
1 agkn.com
aa.agkn.com
657 B
1 krxd.net
beacon.krxd.net
339 B
1 im-apps.net
sync-jp.im-apps.net
252 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2039
420 B
1 uplynk.com
onevideosync.uplynk.com — Cisco Umbrella Rank: 2773
196 B
1 google.com.sg
adservice.google.com.sg — Cisco Umbrella Rank: 26706
531 B
1 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1394
944 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5645
208 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 693
30 KB
0 sportradarserving.com Failed
a.sportradarserving.com Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 iprom.net Failed
core.iprom.net Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 ck-ie.com Failed
as.ck-ie.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 adhigh.net Failed
px.adhigh.net Failed
0 otm-r.com Failed
sync.dmp.otm-r.com Failed
0 admedo.com Failed
pool.admedo.com Failed
0 adtelligent.com Failed
idrs.adtelligent.com Failed
0 opera.com Failed
t.adx.opera.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 mediago.io Failed
trace.mediago.io Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 rlcdn.com Failed
id.rlcdn.com Failed
idsync.rlcdn.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 smaato.net Failed
s.ad.smaato.net Failed
0 360yield.com Failed
ice.360yield.com Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 twitter.com Failed
analytics.twitter.com Failed
0 geistm.com Failed
id.geistm.com Failed
0 kargo.com Failed
crb.kargo.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 pippio.com Failed
pippio.com Failed
409 104
Domain Requested by
34 ups.analytics.yahoo.com 14 redirects pastelink.net
service.idsync.analytics.yahoo.com
widgets.outbrain.com
24 static.criteo.net ads.as.criteo.com
23 securepubads.g.doubleclick.net cdn.adligature.com
securepubads.g.doubleclick.net
pastelink.net
www.googletagservices.com
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
ad.doubleclick.net
19 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
pastelink.net
17 www.googletagservices.com 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
pn.ybp.yahoo.com
www.googletagservices.com
pastelink.net
14 c2shb.pubgw.yahoo.com cdn.adligature.com
13 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
12 cm.g.doubleclick.net 11 redirects pastelink.net
12 pastelink.net pastelink.net
11 pr-bh.ybp.yahoo.com 1 redirects pastelink.net
ssum-sec.casalemedia.com
ads.pubmatic.com
10 simage2.pubmatic.com 4 redirects ads.pubmatic.com
10 image8.pubmatic.com 5 redirects ads.pubmatic.com
9 eb2.3lift.com 7 redirects pastelink.net
8 contextual.media.net 2 redirects cdn.adligature.com
contextual.media.net
ads.pubmatic.com
eus.rubiconproject.com
8 match.adsrvr.org 8 redirects
8 d.vidoomy.com cdn.adligature.com
8 ib.adnxs.com 4 redirects cdn.adligature.com
pastelink.net
acdn.adnxs.com
ads.pubmatic.com
7 ps.eyeota.net 6 redirects widgets.outbrain.com
7 x.bidswitch.net 7 redirects
7 cdn.adligature.com pastelink.net
cdn.adligature.com
securepubads.g.doubleclick.net
6 googleads4.g.doubleclick.net ad.doubleclick.net
6 csm.as.criteo.net ads.as.criteo.com
6 cdn.js7k.com pastelink.net
pn.ybp.yahoo.com
5 widgets.outbrain.com securepubads.g.doubleclick.net
widgets.outbrain.com
5 c1.adform.net 2 redirects pastelink.net
service.idsync.analytics.yahoo.com
ads.pubmatic.com
5 ssum-sec.casalemedia.com 2 redirects service.idsync.analytics.yahoo.com
ssum-sec.casalemedia.com
5 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 us-u.openx.net 4 redirects
4 ap.lijit.com 4 redirects
4 image2.pubmatic.com 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 cat.sg1.as.criteo.com ads.as.criteo.com
4 ads.as.criteo.com 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
4 rtb.jp2.as.criteo.com pastelink.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 fonts.gstatic.com fonts.googleapis.com
3 sync.1rx.io 3 redirects
3 gum.criteo.com 1 redirects contextual.media.net
3 pm.w55c.net 3 redirects
3 log.outbrainimg.com widgets.outbrain.com
3 um.simpli.fi 2 redirects widgets.outbrain.com
3 ad.turn.com 3 redirects
3 dis.criteo.com 1 redirects pastelink.net
widgets.outbrain.com
3 s0.2mdn.net pastelink.net
3 ad.doubleclick.net www.googletagservices.com
3 s.yimg.com pastelink.net
3 service.idsync.analytics.yahoo.com pastelink.net
3 prod-m-node-2113.ssp.yahoo.com pastelink.net
3 pn.ybp.yahoo.com pastelink.net
3 ads.betweendigital.com cdn.adligature.com
ads.betweendigital.com
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 cs.media.net contextual.media.net
2 ads.pubmatic.com contextual.media.net
ads.pubmatic.com
2 eus.rubiconproject.com contextual.media.net
eus.rubiconproject.com
2 a-prebid.vidoomy.com
2 mug.criteo.com
2 dpm.demdex.net 1 redirects widgets.outbrain.com
2 sync.outbrain.com widgets.outbrain.com
ads.pubmatic.com
2 flint.defybrick.com rock.defybrick.com
2 beap-bc.yahoo.com cdn.js7k.com
2 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
2 match.prod.bidr.io 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 match.sharethrough.com 2 redirects
2 ads.yieldmo.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 image4.pubmatic.com 1 redirects ads.pubmatic.com
2 c.bing.com 1 redirects widgets.outbrain.com
2 tg.socdm.com 2 redirects
2 cms.quantserve.com 2 redirects
2 creativecdn.com 1 redirects pastelink.net
2 rtb.adxpremium.services cdn.adligature.com
adxbid.info
2 script.4dex.io cdn.adligature.com
script.4dex.io
2 www.googletagmanager.com pastelink.net
www.googletagmanager.com
2 www.google.com pastelink.net
tpc.googlesyndication.com
2 fonts.googleapis.com pastelink.net
1 sync.targeting.unrulymedia.com 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 secure-assets.rubiconproject.com 1 redirects
1 a.vidoomy.com
1 adxbid.info cdn.adligature.com
1 acdn.adnxs.com cdn.adligature.com
1 id.a-mx.com cdn.adligature.com
1 cheqzone.b-cdn.net rock.defybrick.com
1 sync.crwdcntrl.net widgets.outbrain.com
1 d.turn.com 1 redirects
1 i.w55c.net 1 redirects
1 aa.agkn.com widgets.outbrain.com
1 beacon.krxd.net widgets.outbrain.com
1 sync-jp.im-apps.net widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 rock.defybrick.com widgets.outbrain.com
1 widget-pixels.outbrain.com pastelink.net
1 tcheck.outbrainimg.com widgets.outbrain.com
1 secure.adnxs.com 1 redirects ads.pubmatic.com
1 s.company-target.com 1 redirects
1 onevideosync.uplynk.com pastelink.net
1 ssp-sync.criteo.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.com.sg securepubads.g.doubleclick.net
1 tag.1rx.io cdn.adligature.com
1 mp.4dex.io cdn.adligature.com
1 g2.gumgum.com cdn.adligature.com
1 prebid.media.net cdn.adligature.com
1 pro.ip-api.com cdn.adligature.com
1 www.gstatic.com www.google.com
1 cdnjs.cloudflare.com pastelink.net
1 code.jquery.com pastelink.net
0 a.sportradarserving.com Failed ads.pubmatic.com
0 uipglob.semasio.net Failed ads.pubmatic.com
0 idsync.rlcdn.com Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 dps.jp.cinarra.com Failed ads.pubmatic.com
0 sync.srv.stackadapt.com Failed ads.pubmatic.com
0 sync-dsp.ad-m.asia Failed ads.pubmatic.com
0 as.ck-ie.com Failed adxbid.info
0 sync.go.sonobi.com Failed contextual.media.net
0 p.rfihub.com Failed contextual.media.net
0 cache.betweendigital.com Failed ads.betweendigital.com
0 px.adhigh.net Failed ads.betweendigital.com
0 sync.dmp.otm-r.com Failed ads.betweendigital.com
0 pool.admedo.com Failed ads.betweendigital.com
0 cm.adform.net Failed
0 idrs.adtelligent.com Failed cdn.adligature.com
0 t.adx.opera.com Failed widgets.outbrain.com
0 id5-sync.com Failed widgets.outbrain.com
cdn.adligature.com
0 trace.mediago.io Failed widgets.outbrain.com
0 bh.contextweb.com Failed widgets.outbrain.com
0 pixel-sync.sitescout.com Failed widgets.outbrain.com
0 id.rlcdn.com Failed widgets.outbrain.com
0 sync.technoratimedia.com Failed widgets.outbrain.com
0 ssbsync.smartadserver.com Failed widgets.outbrain.com
0 s.ad.smaato.net Failed widgets.outbrain.com
0 ice.360yield.com Failed widgets.outbrain.com
0 cs.emxdgt.com Failed widgets.outbrain.com
0 analytics.twitter.com Failed widgets.outbrain.com
0 pixel-us-east.rubiconproject.com Failed widgets.outbrain.com
0 id.geistm.com Failed widgets.outbrain.com
0 crb.kargo.com Failed widgets.outbrain.com
0 rtb.mfadsrvr.com Failed widgets.outbrain.com
contextual.media.net
0 b1sync.zemanta.com Failed widgets.outbrain.com
contextual.media.net
0 pippio.com Failed widgets.outbrain.com
409 151
Subject Issuer Validity Valid
pastelink.net
R3		 2023-01-31 -
2023-05-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.google.com.sg
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-24 -
2023-03-26		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-24 -
2023-05-24		 3 months crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-08 -
2023-05-10		 3 months crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-22 -
2023-05-24		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-27 -
2023-04-19		 2 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-27 -
2023-05-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-19 -
2023-04-16		 3 months crt.sh
onevideosync.uplynk.com
DigiCert SHA2 High Assurance Server CA		 2023-02-22 -
2023-05-24		 3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
rock.defybrick.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-06-07		 4 months crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2023-01-16 -
2023-04-16		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-10 -
2023-06-11		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh

This page contains 55 frames:

Primary Page: https://pastelink.net/o3zyl3g7
Frame ID: AC373234B602F3F65BA1AF5F92D64FEB
Requests: 85 HTTP requests in this frame

Frame: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B3B1AF15B67A8307BB763D3117AC6E33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD9C7579E78917155B5EAB2803FBF3A0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F800020006F25657A8453F7B88B2A0D5
Requests: 2 HTTP requests in this frame

Frame: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1193CDD057B65E2B32DACA6BF7B22219
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Frame ID: 5AB93E6DA23A4413F1ECDCC52251E162
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6qXIhTg8Gz1EGK6AMeick9lSpk2nGYTR_l119q5IP0sf-2JPIQMcm-YsIKLlQtz0s5IViULAtFVtelxAN6bDl-zaoXI4baawte2HOkl5wrHQUZlpZtmX3-2fs0S0RjiBTyjdEuOXYWPw6TNU2Z_tfbxahKxZK1kI1d1S-cZG6vxINA07TBKPsYtyiEYQXWE6onB48QeZde47d48lChnhD_D2o0wVzfww5Z2PsHTTUogEclHMRZwbbEBlkmMPrqbOjYRVwp2SVm4LHFWTQQLc1OaDH38rXEGbPfCimcCL6OTtITUIA0NYZJ66FRKywPZ_bhJ6ZxVjJgL6WJwKhHVGs2RY&sai=AMfl-YT4IqW5m2h1tFW9ABNMPHgvgo6fHLVDPHatJUuK3eLFB4I-EkScQvR_S3FKsufVapPIaiIC93QCmmVyKYBC8nueADesuOE-gS_rZ4mAo_GtHhdXB3YitIdSgBzstubnI4kdd3jjvp9gCgwoROqu&sig=Cg0ArKJSzFJXCiRDBpoIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 855DCE06D552FB807F2E0DB7D2002C99
Requests: 35 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPN1mADnD9UfkjU1iiSxFrnSv79MdjQBuL-3Rpoc42DCVCkdqz0sUHl08uTQw0DQDfytLOGY3Yc1rf-tP9e4ssb_PU56LSQ6N7csz1toHhuAvqSUI4v0sWqpNaOSrOtUEH66H_Pgcn2ttp_OJbs8w695eo4pp14tfD0mGi07W2BTLBy8Gmpg7YoaTahacNjQkQDvaab6FSBCNYSZIYXJN5Je7iCoiHXXfhe7tRttEwQCGTb9KNupzc5-y-S3S5hI1k7ap1R-cpVmvuz0cSCDFTi7I1D-ve5TedDtgHPkfVmCksEG3Jppu0Ds5e-TEIGCfSR-OPk6naHuv2-kICUBmG&sai=AMfl-YRJu-xObmpHFvddx1xqVEky332UhHzhVPdTjKPKdMRggA0JuEWQgVWD1VVQNyG7s_VRy_WwWDIRbJA_Ks4bYIJcggipSmEPyeawG_xsyaNMwwIB6bgRf2qNrozeFZ67gSm6mP2cUWlLsFMhT2s&sig=Cg0ArKJSzHtJbzrtSPTBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2D0BF58E24E5971F87179580C7B64AFF
Requests: 34 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVZLuP8PLUGkIMauazFoBLgs_a8A3Xx3iY9Vo_O-n2D-CGMc9zh6pwv99FxmVJEAiNXJvhDpRrjqBHYB8W0GXky8IaLBZSnsbEE0YSboa4hhUgsCb9Jc4VxQ4arI2i7tLgzP_aoe0wen8rFvn36hhDGM2Kxmu7_w1RTEdv-YEiuWLtLRtvjn211XNHDGY5bm0X8EdhADkcYfiK-SE1JPzzM3--1WiGLWUpab31E0aXKwBQoXbg4Ga_j_2SpgEhqAMNeTSb82qWr6BvMhQKK4zv-QtebDwVsRM6sVgV-4t5aHxGaymosyEimixWF0g9nBn698t7DU0twbvXHqo7eSPn&sai=AMfl-YQS8dRS_1pnFBp2DG8YxqgpPD81B1YsGp_JxKiAwwDXQaIkjdTdBzkKSijvUHwYLzyNVVTSUAG_878S_wDHoxBE_e-0WvU35ZQd6i31jZ0cLBEPoyp9nUyQOKB7soRuvKn0-1t0v8X0lfsuaoI&sig=Cg0ArKJSzDb-RuH6j1OLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6D35637E25A4BB3407ABA90EFB1402DC
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 63E9D7749008166FAF02AD74A90F35A6
Requests: 3 HTTP requests in this frame

Frame: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EDD9F5674D6508EFA987B5388B7521D8
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Frame ID: 32EABF57D507897465457EDD5FCA8341
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Frame ID: 3AA9DF59008C55CDA25196C5F08CC6E1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Frame ID: DDC9E7AA564B023FA7E704E9D9B5B719
Requests: 10 HTTP requests in this frame

Frame: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4CC6257CC0B5E216F0BB41280C874FE2
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Frame ID: 831611BFABAFD20205D77D0AAC80F9DC
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFjvNjqWaBjo8_eibxRnkERK94DMuTZrNjbPd2_tWNaz8MvVtvMYE74MX-PWrf5KvZv3Bg2JuRHrg6KFtY4AxCnqVeVRalBXbL-SetGsnRsnYYseYOSxqg5VdaFP3WGyIrX3roTAHFfDcRTC8k2Wn_j2V4Y9Zz5dq0A8QpnjA-DT0H1IsIo-wt6ElV6QvQC_CqOlyhBuJnCdwsSQ7yLMXbFNR2Ev37cHUjRUyZhYrqXNPpF-thPeymuMsfloev-0C0yzpi0HLGlMVjumN5ccSZhrzvFQNe5svyssUug2CsmIb-jpf-B55x6LgBzHVzCp-dqmpVaccmJTEGlO_cvQ&sai=AMfl-YQl2o7m58Zy1YnweVF3Dw4SnW1UEx8SwVTzoVwYdNu_V34U-i13fDZISiI-Jg5ab_1BdV_tQXBRHGajUsozaQK5bdCgSJKWc8Ktm-vPwRjvZEQ_nyrn-l4TAoRl7EJ0n0v4IKGZhH7UrCQxEjM&sig=Cg0ArKJSzDPaSJkgkGdBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 28583367AE2EDB1B61F2235C458BD917
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 683697A436007BB83B1D19F017B51E21
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA63EAF7010B6D7B6C78FEE6E9E60F8B
Requests: 3 HTTP requests in this frame

Frame: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 325F1C91188793839C8B5320BC7BDF51
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Frame ID: 6E8B350AC20508D2A3DA08A52CE7F338
Requests: 10 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=176b62de-65b5-446e-84cc-4e18121a1a1f
Frame ID: 2A05ED5C6E7942B9ECA2B41FD7A36DD5
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 4D7B0A5BBBCA94E176B707D2FD5A0CF9
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 479A56ECB09385EA91EB2E7341E41DBF
Requests: 37 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DC959D6B91AB214B630E2EE23C71BC2E
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 608D6361ACA007278F5D3F26F7869B7F
Requests: 5 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A584B4B1587AFD3EF5E4FF38EA36386F
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: EDBECC9044163C41529ED3C0B5615BA7
Requests: 11 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=96d11292-0b59-543b-8c07-8202effa0565&CACHEBUSTER=599319
Frame ID: DBB5CFDB98268BD4B2122B18C14E974E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 3D6925A2AC9255CB05F98B6670843DEF
Requests: 3 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Drkt%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3D%7Buserid%7D
Frame ID: FA89B5479236A92810F8787431E43C71
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Frame ID: BEC617F6A372473F6AB30927691BC4E7
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent=
Frame ID: FDF8B6E78D56E754BA180CAA37A16BF8
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: F2FB5A4E5440DC10476C60DBE381474F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: C5098252EABA0E15744C841DF506A3A1
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 7D4FA9450AB6B7D17EF1CC2CB7F23868
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: 47762C71ECF872EDF77A5FA4CCCF2864
Requests: 1 HTTP requests in this frame

Frame: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Frame ID: 44B5A7CE6F430F6B53BEC825B04330C6
Requests: 1 HTTP requests in this frame

Frame: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Frame ID: F4D79060A7F1B88E25A00F12887C51D2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Ydf6CgF-DImETTYQbIf9Yw
Frame ID: 852DD4E3E9061EC8D955CEA080A8251B
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 3D4101F2EB7595F8E4D13B37AB22A5EB
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 56DC761EF83AC13B0AD423F82955FC6D
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: F734941AD3E6C863160474FCFE83B0E6
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Frame ID: ADAB4A0544288D5FC3E002AC222FB70F
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: B7F9910E377E93DB92209873A0EEFDD6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e0a550007f34b6b813128b85cb47d25
Frame ID: 9DB1D3095D366FF00463C1864013798B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0HbQZVuT1PwRTR5&gdpr=0&gdpr_consent=
Frame ID: 4B19A4CEA26C02FACDC57F4602108697
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6EED225AC957B2D63548AE3A4A7F9EA6
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 3346CAD3AB2C0F1B5124B5949E6B22AF
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4E61170BBB16AB3F378CFB1713F796EE
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D068333E84D0684D0ECE417790E66C9B
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 88B1BA91C999BF6F5A5C9D3290EC9106
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: A2357B4C84F9B4D6A37A087D1CB39483
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 364147E3C8D3DEEB15B0536088406B07
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3205612588092160000V10&type=pba&refUrl=&vid=75596597793205612588092160000V10&ovsid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Frame ID: 8322599383B85BA977EFD73C833312CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

What Does Online casino Malaysia Mean? - Pastelink.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

409
Requests

69 %
HTTPS

36 %
IPv6

104
Domains

151
Subdomains

77
IPs

10
Countries

2935 kB
Transfer

7119 kB
Size

66
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122
  • https://ssp-sync.criteo.com/user-sync/redirect?profile=73 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
Request Chain 123
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
Request Chain 124
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F55936%252Fsync%253Fuid%253D%2524UID%2526_origin%253D0%2526redir2%253Dtrue HTTP 302
  • https://ups.analytics.yahoo.com/ups/55936/sync?uid=7998148270748583470&_origin=0&redir2=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/7998148270748583470
Request Chain 125
  • https://cms.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=BEAmhwpEdtofSyWGAktthgJHedEfFnbWBxIdQPve
Request Chain 126
  • https://x.bidswitch.net/sync?ssp=rmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=rmx&gdpr=0&gdpr_consent= HTTP 302
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=rmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=Y-2HasCo8YMAADfxVEYAAAAA&expires=30&ssp=rmx HTTP 302
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=e119dc05-085a-4847-8297-b3a8107c30a2&_origin=0&gdpr=&gdpr_consent=
Request Chain 127
  • https://sync.mathtag.com/sync/img?mt_exid=21&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55938%2Fsync%3Fuid%3D%5BMM_UUID%5D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/55938/sync?uid=aad563fd-8769-4d00-956a-16a72f02942f&_origin=0&gdpr=0&gdpr_consent=
Request Chain 130
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/y-b3ibW7JE2uJ1hQE5GzXGbUpuvKQsAF4-~A
Request Chain 131
  • https://c.bing.com/c.gif?Red3=OATHMS_pd HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/msn/31738B20D4EE64140CFC99E6D5EF6524
Request Chain 132
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&_origin=0&gdpr=0&gdpr_consent=
Request Chain 133
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-8YgTUKpE2uW_NFf98jKNyGDhkZXfnzM-~A%26gdpr%3d0%26gdpr_consent%3d%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2523PMUID%2526redir2%253Dtrue HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-8YgTUKpE2uW_NFf98jKNyGDhkZXfnzM-~A%26gdpr%3d0%26gdpr_consent%3d%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2523PMUID%2526redir2%253Dtrue&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUMxOUIxMzQtQ0QyOC00MTYxLUEyQjQtM0NCRTNEOEE3REYx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%3D1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1%26redir2%3Dtrue&xid=y-8YgTUKpE2uW_NFf98jKNyGDhkZXfnzM-~A HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&redir2=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0
Request Chain 174
  • https://ssum-sec.casalemedia.com/usermatch?s=175407&cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Request Chain 176
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-wi7Y2GpE2uHxhOBQF9tXRG1mKuCKqg--~A&gdpr=0
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kZ25EdndsRTJ1RXo3YnBSajlNdHVqR0xWXzRWcnNDVX5B&gdpr=0&gdpr_consent=&_origin=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
Request Chain 178
  • https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=4201761885516150637312&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-xvKgUANE2uKHkyqQdhV4m1XDgWxRoqgP~A&ums2=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 180
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GOvfJLZH5OUScR_HTLiN8b8J
Request Chain 181
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=fa36b57f-8ad8-4299-88f9-800539bb5880
Request Chain 182
  • https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LENRPG73-J-9NF0&gdpr=0
Request Chain 183
  • https://ads.yieldmo.com/verizonsync?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58529/sync?uid=g5fa4fcc65dcdba85831&_origin=0&gdpr=0&gdpr_consent=
Request Chain 184
  • https://contextual.media.net/cksync.php?cs=3&type=vzn&ovsid=y-4I9.3u1E2uF6s3U6HgEwTe853YINtGGe~A&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D0%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3205612588092160000V10&gdpr=0&gdpr_consent=
Request Chain 185
  • https://match.sharethrough.com/fUD7hqXV/v2?_origin=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=a0e1a3b3-5507-477b-86a5-c146387d462d&_origin=0
Request Chain 191
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-wi7Y2GpE2uHxhOBQF9tXRG1mKuCKqg--~A&gdpr=0
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kZ25EdndsRTJ1RXo3YnBSajlNdHVqR0xWXzRWcnNDVX5B&gdpr=0&gdpr_consent=&_origin=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
Request Chain 193
  • https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=4201761885516150637312&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-xvKgUANE2uKHkyqQdhV4m1XDgWxRoqgP~A&ums2=1 HTTP 302
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDIwMTc2MTg4NTUxNjE1MDYzNzMxMg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 195
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GOvfJLZH4JgXwGfqTMmcn0Ag
Request Chain 197
  • https://ssum-sec.casalemedia.com/usermatch?s=175407&cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Request Chain 198
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=fa36b57f-8ad8-4299-88f9-800539bb5880
Request Chain 199
  • https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LENRPG73-J-9NF0&gdpr=0
Request Chain 200
  • https://ads.yieldmo.com/verizonsync?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58529/sync?uid=g5fa4fcc65dcdba85831&_origin=0&gdpr=0&gdpr_consent=
Request Chain 201
  • https://contextual.media.net/cksync.php?cs=3&type=vzn&ovsid=y-4I9.3u1E2uF6s3U6HgEwTe853YINtGGe~A&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D0%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3205612588092160000V10&gdpr=0&gdpr_consent=
Request Chain 202
  • https://match.sharethrough.com/fUD7hqXV/v2?_origin=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=a0e1a3b3-5507-477b-86a5-c146387d462d&_origin=0
Request Chain 233
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 234
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-2Han7pZgUREwcC7NCsAgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSlelmcnItNefMZb7x3AgA&google_cver=1
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDXUYOxrSg-s1GjV51qkDWM&google_cver=1
Request Chain 236
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8617581c-fe7a-45a1-88ea-d9c42be8be2e&expiration=1680151658&gdpr=0&gdpr_consent=
Request Chain 237
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2880075393854299393
Request Chain 239
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1693198058&external_user_id=86606a2e-a0c6-46ec-8593-6577f3f86e60
Request Chain 240
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
Request Chain 241
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=0&redir2=true&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
Request Chain 242
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7998148270748583470
Request Chain 243
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aad563fd-8769-4d00-956a-16a72f02942f
Request Chain 244
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE-B07H-w8AACCNFizZLg&expiration=1678769258
Request Chain 245
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y-2HagAAA2yuQQAh HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-2HagAAA2yuQQAh&_test=Y-2HagAAA2yuQQAh
Request Chain 246
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-2Han7pZgUREwcC7NCsAgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSlelmcnItNefMZb7x3AgA&google_cver=1
Request Chain 247
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
Request Chain 248
  • https://tg.socdm.com/aux/idsync?proto=index_exchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y-2HasCo8YMAADfxVEYAAAAA
Request Chain 249
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AB13E9F4CF804DFDB8BB2CF6FA17A233
Request Chain 250
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=0&redir2=true&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
Request Chain 302
  • https://idsync.rlcdn.com/420046.gif?partner_uid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQGFrN2ZSODlkaFh0YzdMS0lpeURaQ0xYNHVSVW91ellGNUU3Z2YyZkFUVEhEU01YeFJUWVdoSmhGdG1jZUFkNE4QABoNCOuO9p8GEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0e24e4ec0f6f37114e0b4519acd0939857a974830ee8035af7c1a82ad4d3a763791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwZTI0ZTRlYzBmNmYzNzExNGUwYjQ1MTlhY2QwOTM5ODU3YTk3NDgzMGVlODAzNWFmN2MxYTgyYWQ0ZDNhNzYzNzkxNDI2YjU0MTdkY2UyMRAAGgwI6472nwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwZTI0ZTRlYzBmNmYzNzExNGUwYjQ1MTlhY2QwOTM5ODU3YTk3NDgzMGVlODAzNWFmN2MxYTgyYWQ0ZDNhNzYzNzkxNDI2YjU0MTdkY2UyMRAAGgwI6472nwYSBAgCEABCAEoA&google_gid=CAESEKciHO-ml_pcF8EegefYVpI&google_cver=1
Request Chain 304
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7998148270748583470&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 305
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_pd=1&gdpr_consent=
Request Chain 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&gdpr=0&gdpr_consent=
Request Chain 310
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Request Chain 311
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Doutbrain%26bsw_param%3De119dc05-085a-4847-8297-b3a8107c30a2%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=b1513c181bab46b7ad1130098277c525&ssp=outbrain&bsw_param=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&consent=&gdpr_pd=1&expires=7 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPnHN6Yx5peaQ2ucuFLMlUw&google_cver=1 HTTP 302
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=e119dc05-085a-4847-8297-b3a8107c30a2&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Request Chain 314
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7205063872508131479&gdpr=0&gdpr_consent=
Request Chain 315
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnZjUzZnUDF6MGttN1pMVW9yWHpSZmZMRHQ5Y2lmdUt6TXhfQnczM1JPV3c&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=1mpn7m0&google_gid=CAESEFdrshrplJTc6_0sWFScc3I&google_cver=1 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26 HTTP 302
  • https://ps.eyeota.net/match?uid=7998148270748583470&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26 HTTP 302
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=0HbQZVuT1PwRTR5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=4&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2880075393854299393&newuser=1&dc_rc=4&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&bid=1e2n4ou
Request Chain 317
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=e9IEjN0e608AkFlPRvOk&pi=outbrain&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 320
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N HTTP 302
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&xl8blockcheck=1 HTTP 302
  • https://analytics.twitter.com/i/adsct?p_user_id=026502c72fcae0acb1aaae729eed0231&p_id=28539
Request Chain 321
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 322
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEFZ0OL3bTePz0Udc5QlY-ZI&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT
Request Chain 323
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&uid=64e31ff1-2d5c-452c-b8b1-13a216a36bc2
Request Chain 333
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&uid=oKwwtK6oYOm7pzO1pqd7taarb-K7-mDlo_4LcD9O
Request Chain 347
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=yIleLXxHQTFhK1IxUkVud1NNTE5seHh6cklwRmE0eG44RWxMYVJoYnRLVko3ditSaEJoQ1htaE4wQ1ljSTBMdTMvVXdpQmU1UytNT0NSMXNQUVowdVBuWWFlYUhiRWxNZzk0WjFaNnU4ekhsVjBPWjlnbDMzSmJ0cTBXV3hEak4zdU9SRGNMZlhzZDFMY3FOMlFtQzA4bnUwWVIvME5Lb0g4RXBZQnkwbEdXRXY5TzRtR1FXR25aaTZPOGJoV21tRHV6blRTdTF0b2FobFlJcS9wZlR4Y0xjTEtYZjIrZkxZSEUrV0ZpVm12Y2JBNnB3PXw&cppv=2
Request Chain 353
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7998148270748583470
Request Chain 355
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Ax5WEXZE2pmEk859p1.aMGJmRf1qKnvJF8vaqw--~A&expires=5&ssp=vidoomy HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e119dc05-085a-4847-8297-b3a8107c30a2
Request Chain 356
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Request Chain 357
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-7NSKkltE2uHr0SU0ke3vx0Pc2xV1C_dzPV4SwjI-~A&gdpr=0
Request Chain 359
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=e119dc05-085a-4847-8297-b3a8107c30a2 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=e119dc05-085a-4847-8297-b3a8107c30a2
Request Chain 362
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS03TlNLa2x0RTJ1SHIwU1Uwa2UzdngwUGMyeFYxQ19kelBWNFN3akktfkE%3D&gdpr=0
Request Chain 365
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 369
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dopx%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3205612588092160000V10&type=opx&refUrl=&vid=75596597793205612588092160000V10&ovsid=1cde5f69-f9b2-4230-b891-3f611cf73e35
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzIwNTYxMjU4ODA5MjE2MDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAvHUxmeVZhFdzfhtbKqWVM&google_cver=1
Request Chain 371
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Ddxu%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3205612588092160000V10&type=dxu&refUrl=&vid=75596597793205612588092160000V10&ovsid=0HbQZVuT1PwRTR5
Request Chain 372
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5cf22069-aa04-4638-b604-6ca9d33707fc
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3De119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=aad563fd-8769-4d00-956a-16a72f02942f&expires=30&ssp=medianet&bsw_param=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 376
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8617581c-fe7a-45a1-88ea-d9c42be8be2e
Request Chain 379
  • https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4201761885516150637312
Request Chain 382
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent=
Request Chain 383
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aad563fd-8769-4d00-956a-16a72f02942f&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 385
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z4e4179hvg8 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 387
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-xzmk_UYts7gF-WS_Retkv0bucXgSrbC-E7jVmIf HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26initiator%3Dob%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Request Chain 388
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26initiator%3Dob%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Request Chain 389
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Ydf6CgF-DImETTYQbIf9Yw
Request Chain 392
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=bfvkl9s58b3l HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 395
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e0a550007f34b6b813128b85cb47d25
Request Chain 396
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0HbQZVuT1PwRTR5&gdpr=0&gdpr_consent=
Request Chain 398
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1677559660117 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8360631824 HTTP 302
  • https://sync.1rx.io/usersync/turn/2880075393854299393?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2d3c2bc4-bba4-4dca-a344-fe094d534118-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-2d3c2bc4-bba4-4dca-a344-fe094d534118-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2d3c2bc4-bba4-4dca-a344-fe094d534118-004 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 403
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB13E9F4CF804DFDB8BB2CF6FA17A233&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HBmxNM0oQWGitDy-PYp98Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 409
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8617581c-fe7a-45a1-88ea-d9c42be8be2e&gdpr=0&gdpr_consent=
Request Chain 410
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8YgTUKpE2uW_NFf98jKNyGDhkZXfnzM-~A&gdpr=0
Request Chain 411
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1349367368919156554
Request Chain 412
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
Request Chain 413
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1521249daa321b1b&is_secure=true&networkId=17100&version=1&nuid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJoUCuXvgbFwMESW__AAAAAAA&expiration=1677646060&nuid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 414
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2880075393854299393&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 415
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 417
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LENRPG73-J-9NF0 HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LENRPG73-J-9NF0

409 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request o3zyl3g7
pastelink.net/ 		26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
4d080f148635a59fd89ff3aaf08c33b8bea0e220e02e33eb0c1ae7c8be808b9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 04:47:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 04:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 04:47:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Feb 2023 04:47:34 GMT
styles.css
pastelink.net/assets/css/ 		121 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=35
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/o3zyl3g7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Jan 2023 14:09:07 GMT
server
nginx
etag
"63b82b83-1e279"
content-type
text/css
accept-ranges
bytes
content-length
123513
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:34 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1677559654.dop238.la3.t,1677559654.cds239.la3.hn,1677559654.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
script.min.js
pastelink.net/assets/js/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=35
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/o3zyl3g7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 17 Nov 2022 12:00:15 GMT
server
nginx
etag
"6376224f-a225"
content-type
application/javascript
accept-ranges
bytes
content-length
41509
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
472558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhIrWVgqOUF%2Fa7p%2Bw4kuHxJP%2BaLj%2Bde%2BCGzsNQ%2FsfEfL6u5uzBCeW9Bg%2B6m83wHzqvBVAxesL%2FhJ84RNeJjDWdQlrXzUJTCdSguZ0aey4EfRdbi5buleGnx5FLrybFHniybT4Umi0%2FofW9DWLu4Tdi8q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a0685df289d5627-SIN
expires
Sun, 18 Feb 2024 04:47:34 GMT
rules.js
cdn.adligature.com/pl/prod/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/pl/prod/rules.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670dc66bdd658139d240eedad1274df27975093212b087640ace94fdd41e2038

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
cf-polished
origSize=29547
x-guploader-uploadid
ADPycduv8M-bhDYt7NBaCzemkEhStphnd9SoJhxBII29e-QpRkko219AWCNYGU98Mdf8XDaU2Q8WIorCi5IcDfj1kYPArirnRe7q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Feb 2023 19:08:54 GMT
server
cloudflare
etag
W/"7543a866e92135abc861c11eeb7b8ee8"
vary
Accept-Encoding
x-goog-generation
1675969734359872
content-type
application/javascript
x-goog-hash
crc32c=rHH5GQ==, md5=dUOoZukhNavIYcEe63uO6A==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHWxvSBCgOad5Q0SDmt8PeDiRZ2M5Pv%2FnVKXpxqdVWSR%2FCrVKu%2F8fX6WzZ4dG6xl6jlD4GWFYyGDvzMLxcrqOU8WBH6yv86twfyjce4%2FSxs9nykuBJUCHpfwpQaKgr3ZRHAKMl8DxB6s2rrbkM6BPvs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
29547
cf-ray
7a0685df286c4637-SIN
expires
Tue, 28 Feb 2023 04:50:43 GMT
css2
fonts.googleapis.com/ 		1 KB
492 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Anonymous+Pro:wght@400&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb7d3684cb42a4d70196d25046661222df52254fb53dde71c462d48b5170ee03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 04:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 04:47:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Feb 2023 04:47:34 GMT
api.js
www.google.com/recaptcha/ 		909 B
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::67 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6d5a69bf6efbe9bfc9502e641f47f0b06f340727897f1aec897878e35b9cc5c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
574
x-xss-protection
1; mode=block
expires
Tue, 28 Feb 2023 04:47:34 GMT
gtm.js
www.googletagmanager.com/ 		187 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41584519b7ae154b9c5d36e2d05a06a6fffd25839f8618cfc994a4ab97984e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67983
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Feb 2023 04:47:34 GMT
advally-5.6.0.js
cdn.adligature.com/rules.js/ 		109 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/rules.js/advally-5.6.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3373
cf-polished
origSize=178816
x-guploader-uploadid
ADPycdsdcmMa1ZRrOFUlfdH0ZbTFkIqUgMYHXZFzYFZou1ghScvLabIz-FQR626i1OfJcA1qXSLTFia25GzaFcrpM3Zo1W_vzvZk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 18:36:31 GMT
server
cloudflare
etag
W/"93d406c6937e7a8018d85789ad1193d5"
vary
Accept-Encoding
x-goog-generation
1671042991645353
content-type
application/javascript
x-goog-hash
crc32c=n6grAA==, md5=k9QGxpN+eoAY2FeJrRGT1Q==
cache-control
public, max-age=7200, s-maxage=7200, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccLclcVNQasYzEcBazkdXAMzji8YuBgPN6I2g8P0Agpm9gFFqTA7ByUjYuHoqgEV3%2FqXtTYui67K0zxQPyu%2BlAEwsQatjTfk9TpiLoZVnTqpAvPoG7MvOF6SCHguZ%2FXsC8UqBImJD0IhfcJPuBrDgoc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
178816
cf-ray
7a0685e38e414637-SIN
expires
Tue, 28 Feb 2023 05:51:21 GMT
rules.css
cdn.adligature.com/pl/prod/ 		212 B
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/pl/prod/rules.css
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9deaac5d56e16e3ebabea7074260b0fd928a5f1ed99708ce779fba46a83bcdc8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
209
x-guploader-uploadid
ADPycduHBSHVvPF3vrF1XXhHgDSUH1GPu4BsB6cKY-Kwq7MK6uDpiD9c-L9TEfkP_Qn9m_wOr2tv-WpaQgHgtKrgCvr-KMRTnOzp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Feb 2023 19:08:53 GMT
server
cloudflare
etag
W/"6028266d2acabeaa67379ad7bbbb6964"
vary
Accept-Encoding
x-goog-hash
crc32c=mXGApQ==, md5=YCgmbSrKvqpnN5rXu7tpZA==
x-goog-generation
1675969733527635
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTDh%2FFumDC3ZVkaXxwfrlAyuhkFAj2ghM%2FzE%2FC59aeLqgMmPHExy3%2F%2F1HUU0vKZlKW0p1XTCx7GHQOq3Zox3UERc2k3S2JaLna6JZL4u1rNEfKNS8GRCMOj%2BfIL1KOfCM7xTRK8%2FB8Vn%2BP2HAHpvWbY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
x-goog-stored-content-length
212
cf-ray
7a0685e38e434637-SIN
expires
Tue, 28 Feb 2023 04:50:44 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ 		413 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
656f9fa258fc711a3ea9dafc2188d05e88139d8756b6c0b98b4d361b22cd2c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 19:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167619
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 19:00:31 GMT
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo.svg
pastelink.net/assets/images/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-d3d"
content-type
image/svg+xml
accept-ranges
bytes
content-length
3389
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 18:42:06 GMT
x-content-type-options
nosniff
age
122728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Feb 2024 18:42:06 GMT
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-contrast.svg
pastelink.net/assets/images/logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-e31"
content-type
image/svg+xml
accept-ranges
bytes
content-length
3633
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 10:18:56 GMT
x-content-type-options
nosniff
age
152918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Feb 2024 10:18:56 GMT
rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2
fonts.gstatic.com/s/anonymouspro/v21/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anonymous+Pro:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 05:51:56 GMT
x-content-type-options
nosniff
age
82538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17528
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:59:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Feb 2024 05:51:56 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 01:20:26 GMT
x-content-type-options
nosniff
age
271628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Feb 2024 01:20:26 GMT
/
pro.ip-api.com/json/ 		53 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
88aebe77c821689d5497225dda6e0c5ad7b75d71ff3e96430d251bfbc825a63a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 28 Feb 2023 04:47:35 GMT
Content-Length
53
Content-Type
application/json; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8c11aae918fb5cca27cc2197dc4b5c25045b8b292fadf7f869d134b52fff962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26852
x-xss-protection
0
server
sffe
etag
"1496 / 600 of 1000 / last-modified: 1677539157"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Feb 2023 04:47:35 GMT
prebid-7.35.0.js
cdn.adligature.com/pl/prod/ 		339 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97f22fde697c9d8c77639fbbca1a74e82708f3c908d9005107cd2fc71033da1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170
cf-polished
origSize=347853
x-guploader-uploadid
ADPycduMt__nI04Ol_wBXPnSrZEmjZH_edS7A48ff2C8IyH5l94ut2N3wNA3ge21BnYlYCVam_QKsPTwGy9ydOQd0W0GJA8bYRDJ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Feb 2023 19:08:52 GMT
server
cloudflare
etag
W/"2da9bf1e0fca69a19e94f037f85b47f1"
vary
Accept-Encoding
x-goog-generation
1675969732685869
content-type
application/javascript
x-goog-hash
crc32c=S2tX3Q==, md5=Lam/Hg/KaaGelPA3+FtH8Q==
cache-control
public, max-age=900, s-maxage=300, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sJHlzYUk2h0KDEgmKpC4DpSB5qy7XxVWIkYWdVIItcRklbRnlC3BYs3z19t%2FrOt9CPEvu30lLjIGkcdpugbg6PJOAHjYbqbuc6Gsssxe3mfikn5b%2BBuAl1mOcmXUbbZOv4Ow3vJwZM42cZuAZhIH6w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
347853
cf-ray
7a0685e3dcfa5640-SIN
expires
Tue, 28 Feb 2023 04:49:45 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 03:27:31 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4804
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 28 Feb 2023 05:27:31 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d49f48310a57e3586bd49da220d241c6eaff0df6fdd5a6789321427f13995e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79227
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Feb 2023 04:47:35 GMT
pubads_impl_2023022301.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 22:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132695
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 09:36:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Feb 2024 22:46:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		73 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:35 GMT
collect
www.google-analytics.com/g/ 		0
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je32m0&_p=1754563963&cid=1573673022.1677559655&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677559655&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&dt=What%20Does%20Online%20casino%20Malaysia%20Mean%3F%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1754563963&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&ul=en-us&de=UTF-8&dt=What%20Does%20Online%20casino%20Malaysia%20Mean%3F%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1886725496&gjid=253863096&cid=1573673022.1677559655&tid=UA-55088947-2&_gid=538662924.1677559655&_r=1&_slc=1&gtm=45He32m0n8155WHPWQ&z=1245046251
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1754563963&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&ul=en-us&de=UTF-8&dt=What%20Does%20Online%20casino%20Malaysia%20Mean%3F%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=1819513910&gjid=1771316118&cid=1573673022.1677559655&tid=UA-197326395-9&_gid=538662924.1677559655&_r=1&_slc=1&z=1769484616
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
localstore.js
script.4dex.io/ 		483 B
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 04:47:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
355243
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jhVrl5RqHxQnd0KiTROih48ehTCS8aSTbhd1OK4GxbONWWK9XqcnbXBY4AA2gXPMBJ0CYZFtUKW4qS8RuZoOmGCCLP2ovNejcX5Zfio0razqRwmyrkvUP502jE8okWP35ygrLhZuAy7960V"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7a0685e88e8a89b0-SIN
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 04:47:35 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 04:47:35 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 04:47:35 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 04:47:35 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 04:47:35 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 04:47:35 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 04:47:35 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
234951acbc9a47f9696dcf836ca48b8d9c313cb941062be122306a0c8e967ee4

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
3264
bidRequest
c2shb.pubgw.yahoo.com/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0ec053d7651a067d46aee56c80b0cee3158c6a56e9d4a14decf15ce48717b11b

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
3265
bidRequest
c2shb.pubgw.yahoo.com/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8172bba3aba108988b1802890600d6a33bc362ccb9d0c14cb84a983942fcd79b

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
3262
bidRequest
c2shb.pubgw.yahoo.com/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ff8935e99942fb1f659c6c0801576ab36350ce5f9a20bc9bd6d440ae6429c13c

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
3278
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0f173341da07694e3803f018e983c5e4eab7ae7ac612bc67c374cca3fb47fa02

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
35c4b73ec6b6696b9fc19693bf337abaaa0363ead5f7b57e610d114923b21fe4

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
2609
bidRequest
c2shb.pubgw.yahoo.com/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f057c51ba04e3cb1106b37baa3704f1a73bb1fe9f8effab6efde6a08745a36a0

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
2076
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU658616
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fc703cca62391956b6a2caf2393650fb55ed749c05ee8533fbb02af72c34425f

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
192
alt-svc
clear
expires
Tue, 28 Feb 2023 04:47:35 GMT
imp
g2.gumgum.com/hbid/ 		400 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1677559655774&to=0&aun=advally-adhesion-slot&pubcid=467c04e8-26e2-425f-9e43-820cfd6efcda&gpid=%2F22405481091%2Fpastelink.net%2FBottom_adhesion_banner&t=arfs5lnr&pi=2&schain=1.0%2C1!advally.com%2CP58S175%2C1%2C8eec3348-a77d-4304-bfb0-dff3b7622b1c%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.35.0%22%7D&ogu=https%3A%2F%2Fpastelink.net&ns=9626
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.5.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-5-129.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2efaee055a44041ed506b66b86cec9140cb14e934f1abd4c8e2ac14a89ef3a87

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
mp.4dex.io/ 		0
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:35 GMT
x-err
Parsing the Prebid Request. website disabled
x-version
3.0.0-gcp-tyo
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7a0685e8cdc0a081-SIN
expires
0
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
496ef1722cd085b9c4343a54d3df522f363f2345ebce8920a0965c5b8e3bfd3e

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:36 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2033
Expires
0
mvo
tag.1rx.io/rmp/232868/0/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/232868/0/mvo?z=1r&hbv=7.35,2.1
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.40.73.4 Queenstown Estate, Singapore, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
pragma
no-cache
date
Tue, 28 Feb 2023 04:47:35 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:36 GMT
AN-X-Request-Uuid
7841a0e6-e927-47ba-867f-98c464575479
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=advally-adhesion-slot&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=44ec88386b6b156&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fo3zyl3g7&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 28 Feb 2023 04:47:36 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=Top_leaderboard&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=45de34a97c444f9&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fo3zyl3g7&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 28 Feb 2023 04:47:36 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=AdvallyTag-pl-leadermpu-1&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=46f96e2f97a54fd&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fo3zyl3g7&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 28 Feb 2023 04:47:36 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=AdvallyTag-pl-leadermpu-2&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=476faa4e91e1b7d&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fo3zyl3g7&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 28 Feb 2023 04:47:36 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=AdvallyTag-pl-leadermpu-3&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=48b744404300d47&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fo3zyl3g7&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 28 Feb 2023 04:47:36 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=AdvallyTag-pl-leadermpu-4&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=49722d395586b7b&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fo3zyl3g7&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 28 Feb 2023 04:47:36 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=AdvallyTag-pl-leadermpu-5&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=50aff162d530f2d&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fo3zyl3g7&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 28 Feb 2023 04:47:36 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=Sidebar_MPU&w=160&h=600&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=51a32b6afdeebf7&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fo3zyl3g7&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 28 Feb 2023 04:47:36 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
adjson
ads.betweendigital.com/ 		2 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 04:47:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PHB2P76V5Q22RMVZ
Age
413891
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
Bq2Mgto6YglIoDehuy61oxy1HgVroDTnBfZVXdiqfqjevbdrm1JT7Jcd19hJYj+wFOu3rylxb34=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBDk7vER2EItynMUuKYjhfkEM0UbCAcESzuRSsYMAf1EYghvPWnmKHQBENyowjxx0%2F80EA4X%2BJLr2TVM9YJ1%2BfY%2FmVaKw5HysRJGJiYvrQWq%2FSMa7EWOa0dKdpaY1%2B7DJ9%2FF81dVdVtaMXFs"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
7a0685e8dff0562c-SIN
integrator.js
adservice.google.com.sg/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.sg/adsid/integrator.js?domain=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2941814017867890&correlator=2068780864910860&eid=31072020%2C31072028&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CBottom_adhesion_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=759513158&sfv=1-0-40&prev_scp=rand_key%3D58%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D728x90%26hb_pb_yahoossp%3D0.01%26hb_adid_yahoossp%3D2a19a89afcb3dd%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D2a19a89afcb3dd%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1677559656712&lmt=1677559656&dlt=1677559654242&idt=899&adxs=436&adys=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1573673022.1677559655&ga_sid=1677559657&ga_hid=1754563963&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcd49edd568d0af46903eb9bc06d5db252c1521e395ed52aacb52f435ce9c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10399
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99c85857040001a1faa0f5e1267cdd6575bf28aad5f9f2a96ae32834c9a1682c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11429
x-xss-protection
0
container.html
3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3B1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:36 GMT
expires
Wed, 28 Feb 2024 04:47:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2941814017867890&correlator=2068780864910860&eid=31072020%2C31072028&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CTop_leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=2&adks=2603746535&sfv=1-0-40&prev_scp=rand_key%3D58%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D300x250%26hb_pb_yahoossp%3D0.02%26hb_adid_yahoossp%3D3e9ef308facaf9%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D3e9ef308facaf9%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1677559656725&lmt=1677559656&dlt=1677559654242&idt=899&adxs=310&adys=313&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&frm=20&vis=1&psz=705x142&msz=705x0&fws=4&ohw=1600&ga_vid=1573673022.1677559655&ga_sid=1677559657&ga_hid=1754563963&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76ffbbe0a327c50bc05feb886774e0ef4a0bfaef4fc937edfa9c7b05979edc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9894
x-xss-protection
0
google-lineitem-id
6154689593
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412677853
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2941814017867890&correlator=2068780864910860&eid=31072020%2C31072028&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=3&adks=245733266&sfv=1-0-40&prev_scp=rand_key%3D58%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D300x250%26hb_pb_yahoossp%3D0.01%26hb_adid_yahoossp%3D45b5fba26544e%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D45b5fba26544e%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1677559656730&lmt=1677559656&dlt=1677559654242&idt=899&adxs=513&adys=552&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=1573673022.1677559655&ga_sid=1677559657&ga_hid=1754563963&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69e462b8ebc77b5549058cddc4257d5b06ec246e32a48033ed1a37325f4a1e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9905
x-xss-protection
0
google-lineitem-id
6152651649
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412688323
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2941814017867890&correlator=2068780864910860&eid=31072020%2C31072028&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=4&adks=719487818&sfv=1-0-40&prev_scp=rand_key%3D58%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D300x250%26hb_pb_yahoossp%3D0.02%26hb_adid_yahoossp%3D56e7b2db997fcb%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D56e7b2db997fcb%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1677559656733&lmt=1677559656&dlt=1677559654242&idt=899&adxs=513&adys=830&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=1573673022.1677559655&ga_sid=1677559657&ga_hid=1754563963&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee4c70732d477083547d0a15c839a5d60d40673a8b98cde650dabb2a0270e96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9906
x-xss-protection
0
google-lineitem-id
6154689593
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412184187
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2941814017867890&correlator=2068780864910860&eid=31072020%2C31072028&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=5&adks=2453252592&sfv=1-0-40&prev_scp=rand_key%3D58&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1677559656736&lmt=1677559656&dlt=1677559654242&idt=899&adxs=513&adys=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=1573673022.1677559655&ga_sid=1677559657&ga_hid=1754563963&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a363d7dc06f19dad28b352230a1fc967085b0412b36e7316653e1321de7f4a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10392
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2941814017867890&correlator=2068780864910860&eid=31072020%2C31072028&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=6&adks=2971478790&sfv=1-0-40&prev_scp=rand_key%3D58%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D300x250%26hb_pb_yahoossp%3D0.00%26hb_adid_yahoossp%3D7021ab8cd08268%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D7021ab8cd08268%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1677559656739&lmt=1677559656&dlt=1677559654242&idt=899&adxs=513&adys=1224&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=1573673022.1677559655&ga_sid=1677559657&ga_hid=1754563963&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c384ac3ddb2d3b6b35f695dfccbe0b69c24a889fef96ffaa4e71a73f99b199af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10398
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2941814017867890&correlator=2068780864910860&eid=31072020%2C31072028&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=7&adks=2193558559&sfv=1-0-40&prev_scp=rand_key%3D58&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1677559656742&lmt=1677559656&dlt=1677559654242&idt=899&adxs=513&adys=1483&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=1573673022.1677559655&ga_sid=1677559657&ga_hid=1754563963&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01a0ab39ee5cedddb2902edbfab54e7d303be490bab7018f5d0335036063299b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9739
x-xss-protection
0
google-lineitem-id
6050546567
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138395899325
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2941814017867890&correlator=2068780864910860&eid=31072020%2C31072028&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CSidebar_MPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=8&adks=3854452215&sfv=1-0-40&prev_scp=rand_key%3D58%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D160x600%26hb_pb_yahoossp%3D0.00%26hb_adid_yahoossp%3D8444c0699661ca%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.00%26hb_adid%3D8444c0699661ca%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1677559656745&lmt=1677559656&dlt=1677559654242&idt=899&adxs=1071&adys=521&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&frm=20&vis=1&psz=168x607&msz=160x-1&fws=4&ohw=1600&ga_vid=1573673022.1677559655&ga_sid=1677559657&ga_hid=1754563963&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f02ead055cee4bab07393741aa400ff5d883b05710407989a6f0e3e5f3b28d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10401
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD9C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
71932
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 08:48:44 GMT
expires
Tue, 27 Feb 2024 08:48:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F800 		783 B
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::67 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b3f2d9d1877f7feda21921735f1c36c35c6971c991895bbf5ae3af4b7eea2039
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--Gqhgdr6QJyt73pKJJUURQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce--Gqhgdr6QJyt73pKJJUURQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:36 GMT
expires
Tue, 28 Feb 2023 04:47:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
pagead2.googlesyndication.com/bg/ Frame CD9C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 01:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
185050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14233
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 01:23:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F800 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022301&jk=2941814017867890&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame CD9C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wH4uUw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1193 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:36 GMT
expires
Wed, 28 Feb 2024 04:47:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 1193 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjphAaIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTyAU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaF1zjAoP7sl1xF9OvCQpyyPI5CHbrEKIadaxviGIALgzC9f_hjuKa4AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05NjAyNTE5NTAyNjE4MjYyGPrefA&sigh=DUiv1oBT1SU&uach_m=[UACH]&cid=CAQSTADUE5ymaYjPfJpNLccMrmk38HyzfstQntAk3_EFkaT4RwyBXIjLwXpGC9BC9gfV-U-TXZWCh8bFrfllazr3aAhmiD_u2OahONv6_ucYAQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 1193 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMWDFdr-BtgFWuC82V0CAAAAMkIh1OdfyRoQaIf9YwUg-oNPKNWQ-KkAABIAAAoOQVFVQkRRWUJEUUVCRFE&wp=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
141204
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 5AB9 		48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4f2a2bf13203d4d051acb0edbfb790789ad5c15b0c4a1755ed33e5fdbaf729d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:36 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=XbdZD0Fj8ZQWIixjQwtOxHpit67jPCAL7oVEIgM_njy1mT834VTfWu-MyajxVOUAaANgGHkClz6uamng7oWu1NeSVL24tf0Xm3eH8ewSusGDT9IKO-sehvfTZceU9FKlh3gwm_7R1IS0tygLxxxZz1PFwAwMI96DfR7TzUUQ17VyBU_tYi0otkGB4ikKc7K6tc50J91mfMkjgNN7a4Jv4BYH_FbBNTtDNzi59tjUj9UXo5Nzy-EsU-N_3JWIDR8QWEUXBw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
6593682
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 1193 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 23:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 23:01:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 1193 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 20:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
28724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 20:48:52 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1193 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
477679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Feb 2024 16:06:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1193 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:36 GMT
truncated
/ Frame 1193 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67cec954dd3c5a51f526f9a5dd721ea65e23acf4d78c5abc03eac702be1ec550

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 855D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6qXIhTg8Gz1EGK6AMeick9lSpk2nGYTR_l119q5IP0sf-2JPIQMcm-YsIKLlQtz0s5IViULAtFVtelxAN6bDl-zaoXI4baawte2HOkl5wrHQUZlpZtmX3-2fs0S0RjiBTyjdEuOXYWPw6TNU2Z_tfbxahKxZK1kI1d1S-cZG6vxINA07TBKPsYtyiEYQXWE6onB48QeZde47d48lChnhD_D2o0wVzfww5Z2PsHTTUogEclHMRZwbbEBlkmMPrqbOjYRVwp2SVm4LHFWTQQLc1OaDH38rXEGbPfCimcCL6OTtITUIA0NYZJ66FRKywPZ_bhJ6ZxVjJgL6WJwKhHVGs2RY&sai=AMfl-YT4IqW5m2h1tFW9ABNMPHgvgo6fHLVDPHatJUuK3eLFB4I-EkScQvR_S3FKsufVapPIaiIC93QCmmVyKYBC8nueADesuOE-gS_rZ4mAo_GtHhdXB3YitIdSgBzstubnI4kdd3jjvp9gCgwoROqu&sig=Cg0ArKJSzFJXCiRDBpoIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
latest.js
cdn.adligature.com/prebid/creative/ Frame 855D 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/prebid/creative/latest.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
594
cf-polished
origSize=26676
x-guploader-uploadid
ADPycdveXD04ldWXBARQIoroDnhbqsIHoaQBTekcZeS-s49tze52XCx8J3f_AXlOKOfn8x5yJfc4y9RtcYHabn0ZjNl84s2A18cN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Nov 2022 18:38:24 GMT
server
cloudflare
etag
W/"2ae59c013b7f4ee879f45354f6b5ecd7"
vary
Accept-Encoding
x-goog-generation
1667327904512712
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aFygIg==, md5=KuWcATt/Tuh59FNU9rXs1w==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQz4AUGGfjgvGHgOl1mLQYTA5CEu0ZycKQmsVR0pU7HPUWSeQ0YaxZW6F6Z8bEraEVPBrlAPDYwtm3TKIROjg4dS6O5HIZA7xs1%2Fi5PkBvlttGgZarR4%2FT9hZuokXzMtB8ue9BdLJpiS%2B8DCvc5UGzw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26676
cf-ray
7a0685f0ffe05640-SIN
expires
Tue, 28 Feb 2023 04:46:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 855D 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:37 GMT
https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dbb80f753eff34505baa5ea465ede6c74%26tid%3D8a96954f01747430358b3ccd...
pn.ybp.yahoo.com/ab/secure/true/imp/cZU6JvX2FJBwTCRvN1P_so0rISp10CRvjHb-4pNTIVuFjs4KnsMNhgsEfRZY9ak8CWKzDfrTrq9i7HJunjMRnhuxl2gTWeQZdpczXllKHaM2PrRlWd1g1jE9TkHEz4lUD-2i_9F9QAEPuJxDkvf8-Yp4GuKPRuilP... Frame 855D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/cZU6JvX2FJBwTCRvN1P_so0rISp10CRvjHb-4pNTIVuFjs4KnsMNhgsEfRZY9ak8CWKzDfrTrq9i7HJunjMRnhuxl2gTWeQZdpczXllKHaM2PrRlWd1g1jE9TkHEz4lUD-2i_9F9QAEPuJxDkvf8-Yp4GuKPRuilPZRZ7EJgso6DMupIGdEZVih_o0L0wILwgXcwYtByHU6_mwMOJHP68u3oBtSd7_j5joiachpsOQNFFT1M4W6wCW3C7Etlwupk_L2UvDSjqSSqUbG4rv35WHS5ytWVV7L0dcMvoB2RMNHtyigmqtnC7QjstpmWKEbBAXjUU_0pnVet9Cg382cb7SQ-Ijfhjz4lVMIXSQUOAbb1TSNf2r9xv82VQr5cBGGWh92FDzwnMWCUZMkmGtQwU0JlLTpfcVyFWNFXtENaKN4PUV40aYev1Pr-VWeFkRVCCSEnY7WyfKpR1VHeRPI09naGXdV5f-sUs5FY31g7Tbkwl30-eWVa30KAW3P61GvWOOeG6W9Nsetshv9GnBLCgZgsqkjvfThIXfpgF-BRlXfxYT_0LMK_Ua52t-rQvz_9u-EHxl30_9xWXL0P4Dmtyy1tUanU7ygF3u--XdkRo8NQnYfqL_rXQpNSjAasJPCoDYhAeAQEWr-sUyijpk0vBSjRrjLvFYShyIUU1PaKLUQx4waWsb8oz6KQj3SaPh6GEwQuMtOnDPlJl3azWa5NOmo63TmHArOIfm6f5bjASK_jRweAzUTpUaIUp0m-ffc05lEENYoFRGhntJ1K1B4sKvv3x0vUHcGIUkD13CG0PWnY5fl9WWHW-BLLHGX0t84bskf4LqMAXsNzJ0OHgswfRQHrYkbASFNG242F-gNfBk45dOnxNgr2TBpQS5ZhXk07gEek8qtjy9NyQB7qA1hCsO0HWOOw9H8ht5npfDrWZ-GJ24HDuAK3-sJQa2p2GRQfHTOg7eau5r96CzFJ2AF5X1RhllvsKun4RQLeWwOu8hFQ2WRUFIybTXin_6jhNmvvC1urpVpd_qQ-PmH5JLnnoMkqX6IZJy2_XWKAJvPcdo0P6hAuCVGTBlM6gL8A-X9yEJeFcnMNZy5Jkk1KmHg8AIbsXU7ogEXy984L65tNNeD69LNoz851uTZhnIqpJuSvqf-Afc9eV4d-VUh-MNHJ7ZMw43zZsB7CvYW15UsL2nrnQgpcXqIh6l26BH0T4I7LTchekwZVrntW-H-B30X1jUIOxlE6gyjjfMcqppLydduFlXX4diMFR9E7nxPkixmuTmJ020kGF7MBimON1pT2M3Yc6vYRP-x0CKL1mMgs-pI6q_4D9i_CxNO8n9MxnMhpVayenOL1aN6GuDErhFDQv8zrY9cFnhQQMD_xSRLUSWV_JND8tc7YTwdU9tOT2XPb6UOZWByuju7MarSxoUdYayYaXtOAql-QFacdlRE44GXXFHVTBgrxr1XBkDm6OmvntpLjnGd28SX_kXEEFxjXGKA7umXssOWcOg8eNHFBfM4XA6OZnTGGcgyU01WldTLW/wp/0.022918/tr/0.002299/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dbb80f753eff34505baa5ea465ede6c74%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655926%26rts%3D1677559655830%26ari%3Dc4a8f12211b044588dacf865131a0c2c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D0c411e1e-c2b7-4c10-891b-a77d1f35a526%26rdm%3D1%26rd%3D
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:2000:e4:1409::2000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
7205b49d2e586e72b07d05b9821607eb491b46d9b23e5edc2f9f1c2cdd7c5bcf
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
2554
adEvent.do
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 855D 		43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEvent.do?tidi=770938897&dcn=8a9694b7017979eb7fb8f131172d008c&posi=1533756&grp=%3F%3F%3F&nl=1677559655928&rts=1677559655830&pix=1&et=1&a=0c411e1e-c2b7-4c10-891b-a77d1f35a526&m=aXAtMTAtMjItMTM5LTIyMw..&p=MC4wMDAwMjI5MTg&b=MTMyNDA7T0FUSDEwNDE1MzAwMDtoaXRhY2hpLmNvbS5zZzs7OztjNGE4ZjEyMjExYjA0NDU4OGRhY2Y4NjUxMzFhMGMyYzs0Mjk2MDE4OTsxNjc3NTU4NjQ5OzswLjAwMDAyMDYxOTswLjEwMDM7MDs7NTA3NzkxNjthODJhMmJkZDg3NGIwYTljNDY0NDZlYWVlODg0OWVlYzc5MGZmZmYzOzE7MTs.&uid=y-539iqrNE2rPUjAteRQS9icyV.1pVgRYTigrsvb_EvUVK%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxTR1A.&hb=true&type=6&bkts=MjIjMTYw&af=2&dety=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.128.212 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-128-212.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
last-modified
Fri, 24 Feb 2023 18:23:56 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 855D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55859,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
91a930fb5e49cbd21fc74b32d5a01d37b0dc406174f25ad1c70bbceeb768f80d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
server
ATS/9.1.10.25
age
0
content-type
application/javascript
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 855D 		69 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
JXBVDSHQFWAQ0ZB3
age
969
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
poBp1dm3nat+7WzvSS7suOUUbYiP+uLZJfKclVECWv2upu+Iv/nOCxfiqyHeOifkuiHYkC7ow0I=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame 855D 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.108.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 02:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
ED43AKGA295SM15S
age
6989
x-amz-server-side-encryption
AES256
x-amz-id-2
XDEyfgEM5XlWdIBp14aPKcCRqepN7k7ZCJ8XYZc36SORa5s0jF42AFeqkzr2NNx6AnMSjp9LsQc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 01:19:31 GMT
server
ATS
etag
"dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
dcmads.js
www.googletagservices.com/dcm/ Frame 855D 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/cZU6JvX2FJBwTCRvN1P_so0rISp10CRvjHb-4pNTIVuFjs4KnsMNhgsEfRZY9ak8CWKzDfrTrq9i7HJunjMRnhuxl2gTWeQZdpczXllKHaM2PrRlWd1g1jE9TkHEz4lUD-2i_9F9QAEPuJxDkvf8-Yp4GuKPRuilPZRZ7EJgso6DMupIGdEZVih_o0L0wILwgXcwYtByHU6_mwMOJHP68u3oBtSd7_j5joiachpsOQNFFT1M4W6wCW3C7Etlwupk_L2UvDSjqSSqUbG4rv35WHS5ytWVV7L0dcMvoB2RMNHtyigmqtnC7QjstpmWKEbBAXjUU_0pnVet9Cg382cb7SQ-Ijfhjz4lVMIXSQUOAbb1TSNf2r9xv82VQr5cBGGWh92FDzwnMWCUZMkmGtQwU0JlLTpfcVyFWNFXtENaKN4PUV40aYev1Pr-VWeFkRVCCSEnY7WyfKpR1VHeRPI09naGXdV5f-sUs5FY31g7Tbkwl30-eWVa30KAW3P61GvWOOeG6W9Nsetshv9GnBLCgZgsqkjvfThIXfpgF-BRlXfxYT_0LMK_Ua52t-rQvz_9u-EHxl30_9xWXL0P4Dmtyy1tUanU7ygF3u--XdkRo8NQnYfqL_rXQpNSjAasJPCoDYhAeAQEWr-sUyijpk0vBSjRrjLvFYShyIUU1PaKLUQx4waWsb8oz6KQj3SaPh6GEwQuMtOnDPlJl3azWa5NOmo63TmHArOIfm6f5bjASK_jRweAzUTpUaIUp0m-ffc05lEENYoFRGhntJ1K1B4sKvv3x0vUHcGIUkD13CG0PWnY5fl9WWHW-BLLHGX0t84bskf4LqMAXsNzJ0OHgswfRQHrYkbASFNG242F-gNfBk45dOnxNgr2TBpQS5ZhXk07gEek8qtjy9NyQB7qA1hCsO0HWOOw9H8ht5npfDrWZ-GJ24HDuAK3-sJQa2p2GRQfHTOg7eau5r96CzFJ2AF5X1RhllvsKun4RQLeWwOu8hFQ2WRUFIybTXin_6jhNmvvC1urpVpd_qQ-PmH5JLnnoMkqX6IZJy2_XWKAJvPcdo0P6hAuCVGTBlM6gL8A-X9yEJeFcnMNZy5Jkk1KmHg8AIbsXU7ogEXy984L65tNNeD69LNoz851uTZhnIqpJuSvqf-Afc9eV4d-VUh-MNHJ7ZMw43zZsB7CvYW15UsL2nrnQgpcXqIh6l26BH0T4I7LTchekwZVrntW-H-B30X1jUIOxlE6gyjjfMcqppLydduFlXX4diMFR9E7nxPkixmuTmJ020kGF7MBimON1pT2M3Yc6vYRP-x0CKL1mMgs-pI6q_4D9i_CxNO8n9MxnMhpVayenOL1aN6GuDErhFDQv8zrY9cFnhQQMD_xSRLUSWV_JND8tc7YTwdU9tOT2XPb6UOZWByuju7MarSxoUdYayYaXtOAql-QFacdlRE44GXXFHVTBgrxr1XBkDm6OmvntpLjnGd28SX_kXEEFxjXGKA7umXssOWcOg8eNHFBfM4XA6OZnTGGcgyU01WldTLW/wp/0.022918/tr/0.002299/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dbb80f753eff34505baa5ea465ede6c74%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655926%26rts%3D1677559655830%26ari%3Dc4a8f12211b044588dacf865131a0c2c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D0c411e1e-c2b7-4c10-891b-a77d1f35a526%26rdm%3D1%26rd%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 28 Feb 2023 05:06:28 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 855D 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/cZU6JvX2FJBwTCRvN1P_so0rISp10CRvjHb-4pNTIVuFjs4KnsMNhgsEfRZY9ak8CWKzDfrTrq9i7HJunjMRnhuxl2gTWeQZdpczXllKHaM2PrRlWd1g1jE9TkHEz4lUD-2i_9F9QAEPuJxDkvf8-Yp4GuKPRuilPZRZ7EJgso6DMupIGdEZVih_o0L0wILwgXcwYtByHU6_mwMOJHP68u3oBtSd7_j5joiachpsOQNFFT1M4W6wCW3C7Etlwupk_L2UvDSjqSSqUbG4rv35WHS5ytWVV7L0dcMvoB2RMNHtyigmqtnC7QjstpmWKEbBAXjUU_0pnVet9Cg382cb7SQ-Ijfhjz4lVMIXSQUOAbb1TSNf2r9xv82VQr5cBGGWh92FDzwnMWCUZMkmGtQwU0JlLTpfcVyFWNFXtENaKN4PUV40aYev1Pr-VWeFkRVCCSEnY7WyfKpR1VHeRPI09naGXdV5f-sUs5FY31g7Tbkwl30-eWVa30KAW3P61GvWOOeG6W9Nsetshv9GnBLCgZgsqkjvfThIXfpgF-BRlXfxYT_0LMK_Ua52t-rQvz_9u-EHxl30_9xWXL0P4Dmtyy1tUanU7ygF3u--XdkRo8NQnYfqL_rXQpNSjAasJPCoDYhAeAQEWr-sUyijpk0vBSjRrjLvFYShyIUU1PaKLUQx4waWsb8oz6KQj3SaPh6GEwQuMtOnDPlJl3azWa5NOmo63TmHArOIfm6f5bjASK_jRweAzUTpUaIUp0m-ffc05lEENYoFRGhntJ1K1B4sKvv3x0vUHcGIUkD13CG0PWnY5fl9WWHW-BLLHGX0t84bskf4LqMAXsNzJ0OHgswfRQHrYkbASFNG242F-gNfBk45dOnxNgr2TBpQS5ZhXk07gEek8qtjy9NyQB7qA1hCsO0HWOOw9H8ht5npfDrWZ-GJ24HDuAK3-sJQa2p2GRQfHTOg7eau5r96CzFJ2AF5X1RhllvsKun4RQLeWwOu8hFQ2WRUFIybTXin_6jhNmvvC1urpVpd_qQ-PmH5JLnnoMkqX6IZJy2_XWKAJvPcdo0P6hAuCVGTBlM6gL8A-X9yEJeFcnMNZy5Jkk1KmHg8AIbsXU7ogEXy984L65tNNeD69LNoz851uTZhnIqpJuSvqf-Afc9eV4d-VUh-MNHJ7ZMw43zZsB7CvYW15UsL2nrnQgpcXqIh6l26BH0T4I7LTchekwZVrntW-H-B30X1jUIOxlE6gyjjfMcqppLydduFlXX4diMFR9E7nxPkixmuTmJ020kGF7MBimON1pT2M3Yc6vYRP-x0CKL1mMgs-pI6q_4D9i_CxNO8n9MxnMhpVayenOL1aN6GuDErhFDQv8zrY9cFnhQQMD_xSRLUSWV_JND8tc7YTwdU9tOT2XPb6UOZWByuju7MarSxoUdYayYaXtOAql-QFacdlRE44GXXFHVTBgrxr1XBkDm6OmvntpLjnGd28SX_kXEEFxjXGKA7umXssOWcOg8eNHFBfM4XA6OZnTGGcgyU01WldTLW/wp/0.022918/tr/0.002299/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dbb80f753eff34505baa5ea465ede6c74%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655926%26rts%3D1677559655830%26ari%3Dc4a8f12211b044588dacf865131a0c2c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D0c411e1e-c2b7-4c10-891b-a77d1f35a526%26rdm%3D1%26rd%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 02:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
WSX55W1NG9WDHJJ9
age
8307
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
ogeAQWlRQ1m7h2OEzc94I1VJUVUP+Hy1kvgZjrXcP62pzMmpb9j8aYqRXHbYJXKcluPzHEUxP4A=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
impl_v95.js
www.googletagservices.com/dcm/ Frame 855D 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 19:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 19:32:50 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5AB9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:37 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5AB9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5AB9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Feb 2024 04:47:37 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5AB9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Feb 2024 04:47:37 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 5AB9 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=6CM0w4LFEd_tdUcPFd42HDg_M9a1erx2_uXMTxTtwxUopCikaHwM1kYQW51SzGERwz14siMPAxPQfYulrwyXbgEKjbrUToHjoJdMVFhhoPUk0W8XVjulc3rfILkGxBgGJt8RsSmh7cAtn5uGY7X6CLmfLwwrcYAL38iVWdpXomL_OUEX0yj4mYY178XUne-TXv2Gp_KzvTI7FdYhDruqV4Bz5HpadNEc6hMjHMR8FBzkKAyxUpnxyHR9Fe9vsdOLF-Ha0facEp6XIjljI1bKpQyt_n1De-RaVnt6X96kKGioSYwJKzJZ11tPO66YS8sSlA5G2WyOP0oevCEondyVcD8QnUNHtRKuiRMeogGG-jdfL5la2fjN7Y27snS0vfryy-JewpO9cRcioZI14h5b8IHa6_OzpN9wdxRd_wWsfpftM8TE
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1952802
expires
Mon, 26 Jul 1997 05:00:00 GMT
15d4cc29b03246479a3c802a86f5b614_image_ad_728x90.gif
static.criteo.net/design/dt/81802/230220/ Frame 5AB9 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/81802/230220/15d4cc29b03246479a3c802a86f5b614_image_ad_728x90.gif
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
9df6900f7c2b75e50bd1d354e87572c6f6fb2a446c65797ac1b0917ee80e3a6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 20 Feb 2023 17:59:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63f3b51b-ae71"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
44657
expires
Fri, 23 Feb 2024 04:47:37 GMT
B28320074.342941490;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;ord=2145ly;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d00...
ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/ Frame 855D 		57 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.342941490;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;ord=2145ly;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dbb80f753eff34505baa5ea465ede6c74%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655926%26rts%3D1677559655830%26ari%3Dc4a8f12211b044588dacf865131a0c2c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D0c411e1e-c2b7-4c10-891b-a77d1f35a526%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FjSEIPec4pCYKXE1qQTO4dxecvVPBmbOpjiHQBX9lHcMIu7kXo5SsW6GVfR95Hy9Cu4CFNhZlttP1494sxHcvcTO8NpsaS5HlCT0gRxunaGEflHAhi7dgUSai01MpeFjcPs8gqtzpX-BJbn2eC85EKEs7l9Lg-yIvCS1HdWEmco9-7K5YQWWSfhRWWDwVJqYWiTGAUwUV4Z7ZfXCPuGAuuo1J2JPx9Ph0h9A3hbKbSGonbdHIum3e3V4UUmvwGmMnfb-7c-IJs_vrrfb4ON1U1TQYq0DdcXaJ_sTG_vTl45u9zayTdFEo5Q%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=23;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
cafe /
Resource Hash
62ed498484c11cac1be5bb392260e457282e31ecbdc4c766fef8780e14f415ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27821
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 5AB9 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=XbdZD0Fj8ZQWIixjQwtOxHpit67jPCAL7oVEIgM_njy1mT834VTfWu-MyajxVOUAaANgGHkClz6uamng7oWu1NeSVL24tf0Xm3eH8ewSusGDT9IKO-sehvfTZceU9FKlh3gwm_7R1IS0tygLxxxZz1PFwAwMI96DfR7TzUUQ17VyBU_tYi0otkGB4ikKc7K6tc50J91mfMkjgNN7a4Jv4BYH_FbBNTtDNzi59tjUj9UXo5Nzy-EsU-N_3JWIDR8QWEUXBw&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame 5AB9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2D0B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPN1mADnD9UfkjU1iiSxFrnSv79MdjQBuL-3Rpoc42DCVCkdqz0sUHl08uTQw0DQDfytLOGY3Yc1rf-tP9e4ssb_PU56LSQ6N7csz1toHhuAvqSUI4v0sWqpNaOSrOtUEH66H_Pgcn2ttp_OJbs8w695eo4pp14tfD0mGi07W2BTLBy8Gmpg7YoaTahacNjQkQDvaab6FSBCNYSZIYXJN5Je7iCoiHXXfhe7tRttEwQCGTb9KNupzc5-y-S3S5hI1k7ap1R-cpVmvuz0cSCDFTi7I1D-ve5TedDtgHPkfVmCksEG3Jppu0Ds5e-TEIGCfSR-OPk6naHuv2-kICUBmG&sai=AMfl-YRJu-xObmpHFvddx1xqVEky332UhHzhVPdTjKPKdMRggA0JuEWQgVWD1VVQNyG7s_VRy_WwWDIRbJA_Ks4bYIJcggipSmEPyeawG_xsyaNMwwIB6bgRf2qNrozeFZ67gSm6mP2cUWlLsFMhT2s&sig=Cg0ArKJSzHtJbzrtSPTBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
latest.js
cdn.adligature.com/prebid/creative/ Frame 2D0B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/prebid/creative/latest.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
594
cf-polished
origSize=26676
x-guploader-uploadid
ADPycdveXD04ldWXBARQIoroDnhbqsIHoaQBTekcZeS-s49tze52XCx8J3f_AXlOKOfn8x5yJfc4y9RtcYHabn0ZjNl84s2A18cN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Nov 2022 18:38:24 GMT
server
cloudflare
etag
W/"2ae59c013b7f4ee879f45354f6b5ecd7"
vary
Accept-Encoding
x-goog-generation
1667327904512712
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aFygIg==, md5=KuWcATt/Tuh59FNU9rXs1w==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRU3aKAY7vsVp%2B%2FYG78EwaC0ckn1xBvLrhqCyP%2Fa7Rl5BlKSojDVqELtWyzfpbKIGIV4Spe8H0dSYVrdqJwTwE9y2BoNss4N%2FrMX6LG1ejUwxQ%2F0z1Va0TzShujd4xH8A50oN%2BjC0Pi4BcS4Ppj5g64%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26676
cf-ray
7a0685f218da5640-SIN
expires
Tue, 28 Feb 2023 04:46:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D0B 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:37 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/ Frame 855D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.342941490;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;ord=2145ly;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dbb80f753eff34505baa5ea465ede6c74%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655926%26rts%3D1677559655830%26ari%3Dc4a8f12211b044588dacf865131a0c2c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D0c411e1e-c2b7-4c10-891b-a77d1f35a526%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FjSEIPec4pCYKXE1qQTO4dxecvVPBmbOpjiHQBX9lHcMIu7kXo5SsW6GVfR95Hy9Cu4CFNhZlttP1494sxHcvcTO8NpsaS5HlCT0gRxunaGEflHAhi7dgUSai01MpeFjcPs8gqtzpX-BJbn2eC85EKEs7l9Lg-yIvCS1HdWEmco9-7K5YQWWSfhRWWDwVJqYWiTGAUwUV4Z7ZfXCPuGAuuo1J2JPx9Ph0h9A3hbKbSGonbdHIum3e3V4UUmvwGmMnfb-7c-IJs_vrrfb4ON1U1TQYq0DdcXaJ_sTG_vTl45u9zayTdFEo5Q%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=23;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 19:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
34738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 19:08:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 855D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHcjTX4qKgNBr4qpM0aK3DuCIEe1lSQzZTleBo8h8gvSdECqyCshRduaCtnlzmL-1PrPzjJozkXUJ-mJOk_EGaxo5rPSGvHxNQ5Y7Tw7ilrIy5TFTOR4ruS750eJ6jpmvRF6Q_HP4KvWndaqt_kFZQf7VNtA&sai=AMfl-YTyvU_8WhVRTBxebDlP0bViHWJXCb7IPsixDfaLmy81nreh1F8n1LuACfidpsHbqCtrdqSIu7V6SWGr7riefrHgvNK1ny0UQ2s0og&sig=Cg0ArKJSzE5EeBzku8fYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230223.64922&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.342941490;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;ord=2145ly;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dbb80f753eff34505baa5ea465ede6c74%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655926%26rts%3D1677559655830%26ari%3Dc4a8f12211b044588dacf865131a0c2c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D0c411e1e-c2b7-4c10-891b-a77d1f35a526%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FjSEIPec4pCYKXE1qQTO4dxecvVPBmbOpjiHQBX9lHcMIu7kXo5SsW6GVfR95Hy9Cu4CFNhZlttP1494sxHcvcTO8NpsaS5HlCT0gRxunaGEflHAhi7dgUSai01MpeFjcPs8gqtzpX-BJbn2eC85EKEs7l9Lg-yIvCS1HdWEmco9-7K5YQWWSfhRWWDwVJqYWiTGAUwUV4Z7ZfXCPuGAuuo1J2JPx9Ph0h9A3hbKbSGonbdHIum3e3V4UUmvwGmMnfb-7c-IJs_vrrfb4ON1U1TQYq0DdcXaJ_sTG_vTl45u9zayTdFEo5Q%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=23;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 855D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.342941490;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;ord=2145ly;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dbb80f753eff34505baa5ea465ede6c74%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655926%26rts%3D1677559655830%26ari%3Dc4a8f12211b044588dacf865131a0c2c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D0c411e1e-c2b7-4c10-891b-a77d1f35a526%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FjSEIPec4pCYKXE1qQTO4dxecvVPBmbOpjiHQBX9lHcMIu7kXo5SsW6GVfR95Hy9Cu4CFNhZlttP1494sxHcvcTO8NpsaS5HlCT0gRxunaGEflHAhi7dgUSai01MpeFjcPs8gqtzpX-BJbn2eC85EKEs7l9Lg-yIvCS1HdWEmco9-7K5YQWWSfhRWWDwVJqYWiTGAUwUV4Z7ZfXCPuGAuuo1J2JPx9Ph0h9A3hbKbSGonbdHIum3e3V4UUmvwGmMnfb-7c-IJs_vrrfb4ON1U1TQYq0DdcXaJ_sTG_vTl45u9zayTdFEo5Q%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=23;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 22:32:00 GMT
12796104088671087766
s0.2mdn.net/simgad/ Frame 855D 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12796104088671087766
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::95 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2dfca51adb5f527dc72370ab5a6d140ca2b62e6eb5a865909a351a551fe297a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:53:32 GMT
x-content-type-options
nosniff
age
129245
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76624
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 07:09:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Feb 2024 16:53:32 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 855D
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?profile=73
  • https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_cons...
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
125636
expires
Tue, 28 Feb 2023 00:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
date
Tue, 28 Feb 2023 04:47:36 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
content-length
0
cm-notify
creativecdn.com/ Frame 855D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT, Tue, 28 Feb 2023 04:47:38 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
date
Tue, 28 Feb 2023 04:47:37 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
7998148270748583470
pr-bh.ybp.yahoo.com/sync/msft/csrc/3/ Frame 855D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F55936%252Fsync%253Fuid%253D%2524UID%2526_origin%253D0%2526redir2%253Dtrue
  • https://ups.analytics.yahoo.com/ups/55936/sync?uid=7998148270748583470&_origin=0&redir2=true
  • https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/7998148270748583470
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/7998148270748583470
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/7998148270748583470
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55965/ Frame 855D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=BEAmhwpEdtofSyWGAktthgJHedEfFnbWBxIdQPve
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=BEAmhwpEdtofSyWGAktthgJHedEfFnbWBxIdQPve
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=BEAmhwpEdtofSyWGAktthgJHedEfFnbWBxIdQPve
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55859/ Frame 855D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=rmx&gdpr=0&gdpr_consent=
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=rmx
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=Y-2HasCo8YMAADfxVEYAAAAA&expires=30&ssp=rmx
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=e119dc05-085a-4847-8297-b3a8107c30a2&_origin=0&gdpr=&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55859/sync?uid=e119dc05-085a-4847-8297-b3a8107c30a2&_origin=0&gdpr=&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
//ups.analytics.yahoo.com/ups/55859/sync?uid=e119dc05-085a-4847-8297-b3a8107c30a2&_origin=0&gdpr=&gdpr_consent=
Date
Tue, 28 Feb 2023 04:47:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55938/ Frame 855D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=21&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55938%2Fsync%3Fuid%3D%5BMM_UUID%5D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D
  • https://ups.analytics.yahoo.com/ups/55938/sync?uid=aad563fd-8769-4d00-956a-16a72f02942f&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55938/sync?uid=aad563fd-8769-4d00-956a-16a72f02942f&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Tue, 28 Feb 2023 04:47:37 GMT
Server
MT3 530 4e92630 master hkg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ups.analytics.yahoo.com/ups/55938/sync?uid=aad563fd-8769-4d00-956a-16a72f02942f&_origin=0&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Feb 2023 04:47:36 GMT
usync
onevideosync.uplynk.com/ Frame 855D 		0
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-PWCQ2GVE2uEOtAwtYR3hD7C5UuRXDW3n~A&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.14.40 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-14-40.ap-southeast-1.compute.amazonaws.com
Software
ribs2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
server
ribs2.0
content-length
0
content-type
text/plain
pixel
cm.g.doubleclick.net/ Frame 855D 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1LWXRZUVVWRTJ1RUcucS5tV0RqekF6Sy5qNkJYek9BNH5B&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
y-b3ibW7JE2uJ1hQE5GzXGbUpuvKQsAF4-~A
pr-bh.ybp.yahoo.com/sync/adtech/ Frame 855D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true
  • https://pr-bh.ybp.yahoo.com/sync/adtech/y-b3ibW7JE2uJ1hQE5GzXGbUpuvKQsAF4-~A
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adtech/y-b3ibW7JE2uJ1hQE5GzXGbUpuvKQsAF4-~A
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/adtech/y-b3ibW7JE2uJ1hQE5GzXGbUpuvKQsAF4-~A
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
31738B20D4EE64140CFC99E6D5EF6524
pr-bh.ybp.yahoo.com/sync/msn/ Frame 855D
Redirect Chain
  • https://c.bing.com/c.gif?Red3=OATHMS_pd
  • https://pr-bh.ybp.yahoo.com/sync/msn/31738B20D4EE64140CFC99E6D5EF6524
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/msn/31738B20D4EE64140CFC99E6D5EF6524
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 68B646FD02564B3CAB57825134B6F8DF Ref B: SIN30EDGE0505 Ref C: 2023-02-28T04:47:37Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://pr-bh.ybp.yahoo.com/sync/msn/31738B20D4EE64140CFC99E6D5EF6524
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sync
ups.analytics.yahoo.com/ups/55953/ Frame 855D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&_origin=0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
267
1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 855D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-8YgTUKpE2uW_NFf98jKNyGDhkZXfnzM-~A%2...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-8YgTUKpE2uW_NFf98jKNyGDhkZXfnzM-~A%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUMxOUIxMzQtQ0QyOC00MTYxLUEyQjQtM0NCRTNEOEE3REYx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%...
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&redir2=true
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 855D 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022301&jk=2941814017867890&bg=!gIOlg9fNAAZYlHKzeJQ7ADkAdvg8WtFAuVLVIGmHPrc-YjntQQymnWJAJ2IoZQExvW7ZJ71GXpDD3RX73xeIb8HL63tfPJBHgSICAAAASlIAAAACaAEHCgAbK1PcDdSI6btkhzRGWejaANNiSWs4H6grTfVBmQKhh4KslVCvnDugbu5NJEb2CAvf86_FLA5OTS7yGFUAxI1dfuFF3XVLKX7WIU8h_7XxQbTBUDNO5f6VTPk5iE629oL2ErKKbki5kB6y6gJ2RNhH6pSSPUb1fvHhq3MEEO4T7Fs5hXoKn83PY8XBoxuiTCFqxTCSsCDmfoFcIFb6ABk5kXA5GWsZskYjR4Kzfrq3HqdbmcQ_5kwES73XS_KJMt06Yka-S54m0nXCpJm9zLTDGv2d5cCaMu5-kyyatl4H-7U0N3BTqo04jtgknxwlAxH82DEenUMEgT4VEi_iLSciRTeywO7KU-VTEoHcibDpc2i7d2Z6VBlFcxIGzoM32rD5hA_Y9qv9BVg2jtnAFgF6OlsuXHgC2epvpq57A_cgp64kAdau26ZaTROntrA14Ye-G9Zs5TeAOk44TJbx9jAYP1w_AsNDoCdb5t8t9XBTZvpvviG7VPMFBH4nGew5H_uw1k65xoULih4G4FKjojFiIhtFvSp_b3jHH6FAcXrvcORZ3wULGjvoAdoc4IBaqf7w3sM51u3OXBpAGWHYmZ2k28QoCb--dsZkh3bGyOpQyxAvgwpsMo8UKKJoP7PFtXjkvrcxocMqN5wFSbJic3e7gpnqQHEGgvpfKqGZYT2w-o578jDpqEqX7hj6DlmBBVA7BJ7tqsfbuaYEYg45KSxZVqRWjdMcu4QwxBegsGw-KoFNpicol1TGW4XGDAvVammEzeYcbjxdw48IPmnE2zMUoQTH5eHzU7nOfxzYif35p0nUnI0hUq-lt1Pzyx6H4g7PPtQzPY7C5CClR-BLih-6xRSlstyl7ud5CgedwqIDGYcwr2H4lI8YJ1gMExt7CSRjPBKAkcALYiC2ayFQaUKOlOK_UiGcde6MKMSymNjh5g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 6D35 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVZLuP8PLUGkIMauazFoBLgs_a8A3Xx3iY9Vo_O-n2D-CGMc9zh6pwv99FxmVJEAiNXJvhDpRrjqBHYB8W0GXky8IaLBZSnsbEE0YSboa4hhUgsCb9Jc4VxQ4arI2i7tLgzP_aoe0wen8rFvn36hhDGM2Kxmu7_w1RTEdv-YEiuWLtLRtvjn211XNHDGY5bm0X8EdhADkcYfiK-SE1JPzzM3--1WiGLWUpab31E0aXKwBQoXbg4Ga_j_2SpgEhqAMNeTSb82qWr6BvMhQKK4zv-QtebDwVsRM6sVgV-4t5aHxGaymosyEimixWF0g9nBn698t7DU0twbvXHqo7eSPn&sai=AMfl-YQS8dRS_1pnFBp2DG8YxqgpPD81B1YsGp_JxKiAwwDXQaIkjdTdBzkKSijvUHwYLzyNVVTSUAG_878S_wDHoxBE_e-0WvU35ZQd6i31jZ0cLBEPoyp9nUyQOKB7soRuvKn0-1t0v8X0lfsuaoI&sig=Cg0ArKJSzDb-RuH6j1OLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
latest.js
cdn.adligature.com/prebid/creative/ Frame 6D35 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/prebid/creative/latest.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
594
cf-polished
origSize=26676
x-guploader-uploadid
ADPycdveXD04ldWXBARQIoroDnhbqsIHoaQBTekcZeS-s49tze52XCx8J3f_AXlOKOfn8x5yJfc4y9RtcYHabn0ZjNl84s2A18cN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Nov 2022 18:38:24 GMT
server
cloudflare
etag
W/"2ae59c013b7f4ee879f45354f6b5ecd7"
vary
Accept-Encoding
x-goog-generation
1667327904512712
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aFygIg==, md5=KuWcATt/Tuh59FNU9rXs1w==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yl2nfb2%2BXsuuJvmAkXpt7CwUszD%2FEJnzxp4ZA34W9EG86%2B%2FMRkEyWNblPzowQ1bTYJwLHhT8rpWZsj45pAsnG%2B%2FHATZKwsKxZlUH3mPGqQnlXiUD1tK5UOUMZapVk7zZyrHkl4vEQ5Rl08JFfRSzc%2FU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26676
cf-ray
7a0685f339f35640-SIN
expires
Tue, 28 Feb 2023 04:46:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D35 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:37 GMT
https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D96227314da594cfdb4b43761e06a2988%26tid%3D8a96954f01747430358b3ccd...
pn.ybp.yahoo.com/ab/secure/true/imp/KnhB-H7QCuiy_oJwmzAufj8VHw9atOjVFyRwPiFpaIEj12byblRY4whUngoI0RvFl5j3i7Y4Xkq3TuCSqpnFfw-GvOaOSKMgSgG4jfTrjJMpG9m_oCacTQQ3cbmDPIIl1atI7qd0Hd629fymTtU_e5QJL83_ytT1T... Frame 2D0B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/KnhB-H7QCuiy_oJwmzAufj8VHw9atOjVFyRwPiFpaIEj12byblRY4whUngoI0RvFl5j3i7Y4Xkq3TuCSqpnFfw-GvOaOSKMgSgG4jfTrjJMpG9m_oCacTQQ3cbmDPIIl1atI7qd0Hd629fymTtU_e5QJL83_ytT1Tqm_2yr52Hs0acWn2aAqUWeDJcY_gJJMUyY-SfyQVnHBwH-U48KOGfwPMp777HaAJF4xQWjIO5ZyYjBAr1a5_Si3hLzrUn-irfED9IBYEzEEYNe6sGhI2hQqrwKXTcOo0yMG409Os8t-ge-fJGxkC3rvpZcjahlI6uFA1InDrNC6OzF0xnxTeGa9xzdQptuChfBTz9zd_oGqparw5xZoO6DDh1wQExV2k6-xy3nQn4QOAEi2s-t1lIXzeFaf__B7HEowS2r7D_F4H9hAZC79X9ew3u-Jw4VSQ3JK2e_zRbqm7GruEHwtORDpJt59nL5akgW7EysxLruZ912zyoGCejtsYIhI2w0RAgRHaZlE7VA6fZiIabkDuZYfT4WGz43HMgKRBh8_IN7FZX5qgT5VhHVV8phfOIPnYRpiJcdS1SHoNq7-NvP3GhFdMwnwrgJMs7DQ1akvJEWvgj0v1qN5RuilpbFB--HIqirS5PxEbJof2F_Tyoo5BXgtH7cm1pqAMPFSVxcWwouPvQnyJ6qbB_V5OuQ11VxGxC0WS9zpVbOVs6ab7It_qihYUXvqSsJhfXa7WmagNimnJ9nbr7C_kg5yPJ1YCK5uLob5TLEwvBoRqRklIO7l71UboK2Tj2ghYHtL_v-pV84wVVt4xATt1rJupNYHuhdndE7AlpxAYeTKK23ebcLOuB9jwJ5erTpt9yTUBtN-M-8985PwRUA0lfBI1gEISbSJuNVGUSKKyuGgxvOmjF5Vk6m7f5X86d3bPK8QPw0L_NADRZ2G7wLfP7g60m0JIrwJh5oiYhskPSk1V8L5i4-EdP1AbmWtnXfTLhWk9OgVgSS0xMftiYlDuZNHzT3byt46Fxz5-I3Q4ZHs5tAieXyBHCLuYaDgNqXnDj19-1xCCxCDRdvi5_iHCRWCGzRAgTrKebcBmE2FW9MvUWoZu1V9yVV3OZ6udNbCFhrHGVofT_FWQGFEdOdwnsPkempZgL_sntsbH_mKPEcW2S28fJ5FTCgEJC5SkLopJx19Hb6fRF8Q8YuFpo9Dx5V6ZGAnYs1WrF6nbldmUfybjzXo8U8o_fVFW0ccHqI2tEjhu6wt5jwWsl99aI1gCXi70AaN2ZaCQVB5zeC20XjvepmuX1RqLfx1Ws6xAS2QeVu1fpmWkDKqB24tM5Td0iBCurC0fF5bLoxEYKx2bN9vwF7kzMve_0936xdck1y5HdrNEci0fWRFTV9-YhJuI8_RasTKZtDsNU0v4fVyhdaW3mrQAbdC8nIKmBqMEwuKzw9zKxuVR-p8sapoippxh5AAEM3YycqSowoMfC9VWjPDqDZA-Y45HUZEL0ZhGGJXOUK7FMqZ2IadK87ynVCnTnNqBeFq2YbEuZurIfhzRhg/wp/0.030913/tr/0.012365/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D96227314da594cfdb4b43761e06a2988%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655935%26rts%3D1677559655830%26ari%3D75314503184548edbd7ed305d6a447cc%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D58180ade-aa41-474d-a801-8ee8d1d71032%26rdm%3D1%26rd%3D
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:2000:e4:1409::2000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
015d12e8946606e0b57392ccf8284acc01e4122b75c085547dc9bcbf434b4759
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
2521
adEvent.do
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 2D0B 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEvent.do?tidi=770938897&dcn=8a9694b7017979eb7fb8f131172d008c&posi=1533756&grp=%3F%3F%3F&nl=1677559655938&rts=1677559655830&pix=1&et=1&a=58180ade-aa41-474d-a801-8ee8d1d71032&m=aXAtMTAtMjItMTUwLTExNw..&p=MC4wMDAwMzA5MTM&b=MTMyNDA7T0FUSDEwNDE1MzAwMDtoaXRhY2hpLmNvbS5zZzs7Ozs3NTMxNDUwMzE4NDU0OGVkYmQ3ZWQzMDVkNmE0NDdjYzs0Mjk2MDE4OTsxNjc3NTU1MzE2OzswLjAwMDAxODU0ODswLjQwMDA7MDs7NTI3MjY2NDtiZWQwZDFlYTg0MWIxYmZiZDY4ZTlkOWFlMTRjNWM4NDM2ZTMwMGFiOzE7MTs.&uid=y-auIQnAFE2rOIbPGOxpKi9FydPIdFd0YekUmY58tILnqE%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxTR1A.&hb=true&type=6&bkts=MjIjMTc4&af=2&dety=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.128.212 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-128-212.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
last-modified
Fri, 24 Feb 2023 18:23:56 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 2D0B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
30ea6cb5b8956f6e5f10148cf6de41df851b61f58040d0255b509180f2fd08fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
server
ATS/9.1.10.25
age
0
content-type
application/javascript
adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame 2D0B 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.108.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 02:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
ED43AKGA295SM15S
age
6989
x-amz-server-side-encryption
AES256
x-amz-id-2
XDEyfgEM5XlWdIBp14aPKcCRqepN7k7ZCJ8XYZc36SORa5s0jF42AFeqkzr2NNx6AnMSjp9LsQc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 01:19:31 GMT
server
ATS
etag
"dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 2D0B 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
JXBVDSHQFWAQ0ZB3
age
969
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
poBp1dm3nat+7WzvSS7suOUUbYiP+uLZJfKclVECWv2upu+Iv/nOCxfiqyHeOifkuiHYkC7ow0I=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D4785f59d1823405f9dd2634cefa3dbc1%26tid%3D8a96954f01747430358b3ccd...
pn.ybp.yahoo.com/ab/secure/true/imp/Z7byN4BnpNzCwKk9PuUJqEvf3UUeIjMa6M6HKKbAxuUVdo67r9Zsm215TdhtDRqhsogCaqU25yvsLLQwyNfAvgKGkEcRJBCaMt4KNohOgY_t5IZuIGhfWko41y2DUZ9Noor5v0NYXwVLRQozSBia_F04vmOZgGnd3... Frame 6D35 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/Z7byN4BnpNzCwKk9PuUJqEvf3UUeIjMa6M6HKKbAxuUVdo67r9Zsm215TdhtDRqhsogCaqU25yvsLLQwyNfAvgKGkEcRJBCaMt4KNohOgY_t5IZuIGhfWko41y2DUZ9Noor5v0NYXwVLRQozSBia_F04vmOZgGnd3NUWu2TExw0To0a5zy2-qkScPFUFMa7ZtRIA3qLoD9mkrVduMCrgMxSwWBpZYAUsI4SwJX8mn9yEw30X7R4wo02D2lNwBE3LRbAbw8ioMQdT2x1g9jwvE2ACWf_xvHERLx5lOXEHtyEi9ddaj8oF2e2QhcgQWTTa_IdHFhFIa98SbQKG_48tHadne0tvC8af94e_5VGsmFklZ_kzlbA3Es99V53fro6YEkYlGDKifhaR_m_sGP41I0W-styVQAfsz-0koe8JTswhNXHY0D6-YaDXUxKepCBxxlUrUqqglH43rMGl0JSXudig59MU0sYXG48sKVl6xWKixQmTx0VF70PBNXYttJ9CTT-wqcrHkGSKQe88Kln9mxzKomk0LT_F-85jH0B1kyPxaq1rtv-88RYAKyOZIX2utvGhXE9TxbuD1RRyvq1UMxgzj1Px3bFJX_GDomWQilW1N4Pycizj9rRU1wMay_DtuN4-TeCdM1jGBu7HQ_1vczMZS7s59FoUzbzBYbAk1sk7lN00vtLT7a9rB21CZ0AmlMhHyKqhGq0LZTVinumD-Xg31fFyY-BV8UrAAQaPncaHLf8v9Lx10fubgsdOi62taa_EwELT8_bjH-3nd-884vSmtichwJSyWZpedhum_sZlX_0ooyUfCEb041wDhfNx5NUfP_WrA3o1bK2d5HdZqPGvTFR9ZOBX7_GLCgBooQOXBHJ6orW9we8S9CHCcysW1nJWS0IJSs8jbR1uhTM_cWLJRe6nulGqEgpz2j9jBi5Us_5J_2GPsJVpydNu5grV03Upv3iY7IY_4hCPkblhm8N4lgYBetSFMW6C9ghWcwrAZxNoR5TdoA5x3vfP6MsPBuZci5pVF8P1S2CnhTzojqfy-486jSrpbRECeUt3c1Wg8LFRM_UHi-MSRF7VrahNXC4wbSzOFrhfgFuy-BkO2GWElsyoR-slNbAk2Fhp3yFQnlttILz16BdEooZHHCUXUVXK9iXz_G94NBI6uSueZpSJ4jcT6dcAcCSSTHvHOEdAQQApEk5Ecxb-QxmIK3vVGfqolbTjUR58s6b3piY7z9hvTRsTdvoIiPOBoAfUmrRFGgs2qVMhxzCesOecqYUi81UpBuvKV0BG2QTHH4GEa-AsHfA5kzjoesRJNXmTTUHZZBl0AOHbRF3W30A9mNrGXb1DqWfYJmDRAE6d-DO455Bj5DBDp-ltRgfksfvkKec5ewEuu5do9-Bo-V0qWT_6XI-iDy4msEtuTYzFdS1Y53QL5BLQ5unKIY8XJLnyMIwwe0ksvQVXIbD4Oa6xDz0fZ0DcO4dsUObKv4Gd28gXXME3sUUSLiTw3Kgri9AJrEXuw9ZahDFFnHvxVbR3Hbp_D21YgRgMIw7YEETNZnA925eyevpVnR1L/wp/0.030913/tr/0.006183/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D4785f59d1823405f9dd2634cefa3dbc1%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96914b017979eb7c3bf134c4010092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655930%26rts%3D1677559655832%26ari%3Db581292306f942459e4a3808a8bf16aa%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D6f8480ae-a75b-4da5-a1a2-4e8dee4d1ddf%26rdm%3D1%26rd%3D
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:2000:e4:1409::2000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
ca1375384e2c001d15128b3a8849d4684a8b74907df34fb1f5a6cd0c6aa86d3e
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
2545
adEvent.do
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 6D35 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEvent.do?tidi=770938897&dcn=8a969df9017979eb7899f1347b2e0090&posi=1533759&grp=%3F%3F%3F&nl=1677559655934&rts=1677559655832&pix=1&et=1&a=6f8480ae-a75b-4da5-a1a2-4e8dee4d1ddf&m=aXAtMTAtMjItMTQwLTE2MQ..&p=MC4wMDAwMzA5MTM&b=MTMyNDA7T0FUSDEwNDE1MzAwMDtoaXRhY2hpLmNvbS5zZzs7OztiNTgxMjkyMzA2Zjk0MjQ1OWU0YTM4MDhhOGJmMTZhYTs0Mjk2MDE4OTsxNjc3NTU1MzE2OzswLjAwMDAyNDczOzswOzs1NDc2ODg5OzVjNjY4YTlkZGM3N2M2ZGE1YzRlOGQxNzkzZDk3YzFlNGIzNmMwM2Y7MTsxOw..&uid=y-6PK6SO9E2rOoNdDsGcVVYq52.O_ueIMQWKgPUeHWoe7e%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxTR1A.&hb=true&type=6&af=2&dety=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.128.212 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-128-212.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
last-modified
Fri, 24 Feb 2023 18:23:56 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 6D35 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55944,55859,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8126b9a567667551bb4c4fb3031b776e6b4fcda0b097b3f7b123932b5ff07010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
server
ATS/9.1.10.25
age
0
content-type
application/javascript
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 6D35 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
JXBVDSHQFWAQ0ZB3
age
969
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
poBp1dm3nat+7WzvSS7suOUUbYiP+uLZJfKclVECWv2upu+Iv/nOCxfiqyHeOifkuiHYkC7ow0I=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame 6D35 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.108.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 02:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
ED43AKGA295SM15S
age
6989
x-amz-server-side-encryption
AES256
x-amz-id-2
XDEyfgEM5XlWdIBp14aPKcCRqepN7k7ZCJ8XYZc36SORa5s0jF42AFeqkzr2NNx6AnMSjp9LsQc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 01:19:31 GMT
server
ATS
etag
"dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 63E9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
555341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Feb 2023 18:31:56 GMT
expires
Wed, 21 Feb 2024 18:31:56 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 855D 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e18780927c3712849df2fffc3d1c08a01252f24c449afcdba57868da817808e4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 855D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHcjTX4qKgNBr4qpM0aK3DuCIEe1lSQzZTleBo8h8gvSdECqyCshRduaCtnlzmL-1PrPzjJozkXUJ-mJOk_EGaxo5rPSGvHxNQ5Y7Tw7ilrIy5TFTOR4ruS750eJ6jpmvRF6Q_HP4KvWndaqt_kFZQf7VNtA&sai=AMfl-YTyvU_8WhVRTBxebDlP0bViHWJXCb7IPsixDfaLmy81nreh1F8n1LuACfidpsHbqCtrdqSIu7V6SWGr7riefrHgvNK1ny0UQ2s0og&sig=Cg0ArKJSzE5EeBzku8fYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&vt=11&dtpt=289&dett=2&cstd=0&cisv=r20230223.64922&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.342941490;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;ord=2145ly;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dbb80f753eff34505baa5ea465ede6c74%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655926%26rts%3D1677559655830%26ari%3Dc4a8f12211b044588dacf865131a0c2c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D0c411e1e-c2b7-4c10-891b-a77d1f35a526%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FjSEIPec4pCYKXE1qQTO4dxecvVPBmbOpjiHQBX9lHcMIu7kXo5SsW6GVfR95Hy9Cu4CFNhZlttP1494sxHcvcTO8NpsaS5HlCT0gRxunaGEflHAhi7dgUSai01MpeFjcPs8gqtzpX-BJbn2eC85EKEs7l9Lg-yIvCS1HdWEmco9-7K5YQWWSfhRWWDwVJqYWiTGAUwUV4Z7ZfXCPuGAuuo1J2JPx9Ph0h9A3hbKbSGonbdHIum3e3V4UUmvwGmMnfb-7c-IJs_vrrfb4ON1U1TQYq0DdcXaJ_sTG_vTl45u9zayTdFEo5Q%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=23;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 855D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjXt-VLmPkP_rpvgXN1O3o-hWfC4EuETLvvGWDjUaf2hKqlCKubAzI0gvuYmjxDNmK6UriqigIV2rFjPxx2brKnNkoQrKepeEjkFcbMoh31u0DzPqpuMmo80A5BOk14IGosV8uv039drEYvp-IdRI0kg4KA074mxqw-ihFoUVS0msRdgLWzmsZCOTlTa7CeSiD_Ii4GZhqSMUn8T9rLp8N0yYDaG5LsEb3hRvaKA--YI_0y3SiYeaPz7Z2P1yI87qnBzCrjcaichf_1Bosln8t9exgbVEj7-IejNVkXcFv4yb97hOdzpcSOj9Ofo8xeGjS7lArltYMU0bIb94F_psfobvCBg&sai=AMfl-YSnr6bBG3zUp9frq3XSgag5ZH9d-Cjmdy_Cy_GnGKrjBq8iIqtBMtM6GOuket-ma5OKjhgdHk4Vr7RLkwBI_ASAINlVL-InkcatVJSACB5reJTy4yB_8FALrdSIhbXjZsGz8_AYb7OEzUaq4hiJ&sig=Cg0ArKJSzGbcyUDOkf7PEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:37 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 6D35 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/Z7byN4BnpNzCwKk9PuUJqEvf3UUeIjMa6M6HKKbAxuUVdo67r9Zsm215TdhtDRqhsogCaqU25yvsLLQwyNfAvgKGkEcRJBCaMt4KNohOgY_t5IZuIGhfWko41y2DUZ9Noor5v0NYXwVLRQozSBia_F04vmOZgGnd3NUWu2TExw0To0a5zy2-qkScPFUFMa7ZtRIA3qLoD9mkrVduMCrgMxSwWBpZYAUsI4SwJX8mn9yEw30X7R4wo02D2lNwBE3LRbAbw8ioMQdT2x1g9jwvE2ACWf_xvHERLx5lOXEHtyEi9ddaj8oF2e2QhcgQWTTa_IdHFhFIa98SbQKG_48tHadne0tvC8af94e_5VGsmFklZ_kzlbA3Es99V53fro6YEkYlGDKifhaR_m_sGP41I0W-styVQAfsz-0koe8JTswhNXHY0D6-YaDXUxKepCBxxlUrUqqglH43rMGl0JSXudig59MU0sYXG48sKVl6xWKixQmTx0VF70PBNXYttJ9CTT-wqcrHkGSKQe88Kln9mxzKomk0LT_F-85jH0B1kyPxaq1rtv-88RYAKyOZIX2utvGhXE9TxbuD1RRyvq1UMxgzj1Px3bFJX_GDomWQilW1N4Pycizj9rRU1wMay_DtuN4-TeCdM1jGBu7HQ_1vczMZS7s59FoUzbzBYbAk1sk7lN00vtLT7a9rB21CZ0AmlMhHyKqhGq0LZTVinumD-Xg31fFyY-BV8UrAAQaPncaHLf8v9Lx10fubgsdOi62taa_EwELT8_bjH-3nd-884vSmtichwJSyWZpedhum_sZlX_0ooyUfCEb041wDhfNx5NUfP_WrA3o1bK2d5HdZqPGvTFR9ZOBX7_GLCgBooQOXBHJ6orW9we8S9CHCcysW1nJWS0IJSs8jbR1uhTM_cWLJRe6nulGqEgpz2j9jBi5Us_5J_2GPsJVpydNu5grV03Upv3iY7IY_4hCPkblhm8N4lgYBetSFMW6C9ghWcwrAZxNoR5TdoA5x3vfP6MsPBuZci5pVF8P1S2CnhTzojqfy-486jSrpbRECeUt3c1Wg8LFRM_UHi-MSRF7VrahNXC4wbSzOFrhfgFuy-BkO2GWElsyoR-slNbAk2Fhp3yFQnlttILz16BdEooZHHCUXUVXK9iXz_G94NBI6uSueZpSJ4jcT6dcAcCSSTHvHOEdAQQApEk5Ecxb-QxmIK3vVGfqolbTjUR58s6b3piY7z9hvTRsTdvoIiPOBoAfUmrRFGgs2qVMhxzCesOecqYUi81UpBuvKV0BG2QTHH4GEa-AsHfA5kzjoesRJNXmTTUHZZBl0AOHbRF3W30A9mNrGXb1DqWfYJmDRAE6d-DO455Bj5DBDp-ltRgfksfvkKec5ewEuu5do9-Bo-V0qWT_6XI-iDy4msEtuTYzFdS1Y53QL5BLQ5unKIY8XJLnyMIwwe0ksvQVXIbD4Oa6xDz0fZ0DcO4dsUObKv4Gd28gXXME3sUUSLiTw3Kgri9AJrEXuw9ZahDFFnHvxVbR3Hbp_D21YgRgMIw7YEETNZnA925eyevpVnR1L/wp/0.030913/tr/0.006183/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D4785f59d1823405f9dd2634cefa3dbc1%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96914b017979eb7c3bf134c4010092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655930%26rts%3D1677559655832%26ari%3Db581292306f942459e4a3808a8bf16aa%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D6f8480ae-a75b-4da5-a1a2-4e8dee4d1ddf%26rdm%3D1%26rd%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 28 Feb 2023 05:06:28 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 6D35 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/Z7byN4BnpNzCwKk9PuUJqEvf3UUeIjMa6M6HKKbAxuUVdo67r9Zsm215TdhtDRqhsogCaqU25yvsLLQwyNfAvgKGkEcRJBCaMt4KNohOgY_t5IZuIGhfWko41y2DUZ9Noor5v0NYXwVLRQozSBia_F04vmOZgGnd3NUWu2TExw0To0a5zy2-qkScPFUFMa7ZtRIA3qLoD9mkrVduMCrgMxSwWBpZYAUsI4SwJX8mn9yEw30X7R4wo02D2lNwBE3LRbAbw8ioMQdT2x1g9jwvE2ACWf_xvHERLx5lOXEHtyEi9ddaj8oF2e2QhcgQWTTa_IdHFhFIa98SbQKG_48tHadne0tvC8af94e_5VGsmFklZ_kzlbA3Es99V53fro6YEkYlGDKifhaR_m_sGP41I0W-styVQAfsz-0koe8JTswhNXHY0D6-YaDXUxKepCBxxlUrUqqglH43rMGl0JSXudig59MU0sYXG48sKVl6xWKixQmTx0VF70PBNXYttJ9CTT-wqcrHkGSKQe88Kln9mxzKomk0LT_F-85jH0B1kyPxaq1rtv-88RYAKyOZIX2utvGhXE9TxbuD1RRyvq1UMxgzj1Px3bFJX_GDomWQilW1N4Pycizj9rRU1wMay_DtuN4-TeCdM1jGBu7HQ_1vczMZS7s59FoUzbzBYbAk1sk7lN00vtLT7a9rB21CZ0AmlMhHyKqhGq0LZTVinumD-Xg31fFyY-BV8UrAAQaPncaHLf8v9Lx10fubgsdOi62taa_EwELT8_bjH-3nd-884vSmtichwJSyWZpedhum_sZlX_0ooyUfCEb041wDhfNx5NUfP_WrA3o1bK2d5HdZqPGvTFR9ZOBX7_GLCgBooQOXBHJ6orW9we8S9CHCcysW1nJWS0IJSs8jbR1uhTM_cWLJRe6nulGqEgpz2j9jBi5Us_5J_2GPsJVpydNu5grV03Upv3iY7IY_4hCPkblhm8N4lgYBetSFMW6C9ghWcwrAZxNoR5TdoA5x3vfP6MsPBuZci5pVF8P1S2CnhTzojqfy-486jSrpbRECeUt3c1Wg8LFRM_UHi-MSRF7VrahNXC4wbSzOFrhfgFuy-BkO2GWElsyoR-slNbAk2Fhp3yFQnlttILz16BdEooZHHCUXUVXK9iXz_G94NBI6uSueZpSJ4jcT6dcAcCSSTHvHOEdAQQApEk5Ecxb-QxmIK3vVGfqolbTjUR58s6b3piY7z9hvTRsTdvoIiPOBoAfUmrRFGgs2qVMhxzCesOecqYUi81UpBuvKV0BG2QTHH4GEa-AsHfA5kzjoesRJNXmTTUHZZBl0AOHbRF3W30A9mNrGXb1DqWfYJmDRAE6d-DO455Bj5DBDp-ltRgfksfvkKec5ewEuu5do9-Bo-V0qWT_6XI-iDy4msEtuTYzFdS1Y53QL5BLQ5unKIY8XJLnyMIwwe0ksvQVXIbD4Oa6xDz0fZ0DcO4dsUObKv4Gd28gXXME3sUUSLiTw3Kgri9AJrEXuw9ZahDFFnHvxVbR3Hbp_D21YgRgMIw7YEETNZnA925eyevpVnR1L/wp/0.030913/tr/0.006183/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D4785f59d1823405f9dd2634cefa3dbc1%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96914b017979eb7c3bf134c4010092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655930%26rts%3D1677559655832%26ari%3Db581292306f942459e4a3808a8bf16aa%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D6f8480ae-a75b-4da5-a1a2-4e8dee4d1ddf%26rdm%3D1%26rd%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 02:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
WSX55W1NG9WDHJJ9
age
8307
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
ogeAQWlRQ1m7h2OEzc94I1VJUVUP+Hy1kvgZjrXcP62pzMmpb9j8aYqRXHbYJXKcluPzHEUxP4A=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
dcmads.js
www.googletagservices.com/dcm/ Frame 2D0B 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/KnhB-H7QCuiy_oJwmzAufj8VHw9atOjVFyRwPiFpaIEj12byblRY4whUngoI0RvFl5j3i7Y4Xkq3TuCSqpnFfw-GvOaOSKMgSgG4jfTrjJMpG9m_oCacTQQ3cbmDPIIl1atI7qd0Hd629fymTtU_e5QJL83_ytT1Tqm_2yr52Hs0acWn2aAqUWeDJcY_gJJMUyY-SfyQVnHBwH-U48KOGfwPMp777HaAJF4xQWjIO5ZyYjBAr1a5_Si3hLzrUn-irfED9IBYEzEEYNe6sGhI2hQqrwKXTcOo0yMG409Os8t-ge-fJGxkC3rvpZcjahlI6uFA1InDrNC6OzF0xnxTeGa9xzdQptuChfBTz9zd_oGqparw5xZoO6DDh1wQExV2k6-xy3nQn4QOAEi2s-t1lIXzeFaf__B7HEowS2r7D_F4H9hAZC79X9ew3u-Jw4VSQ3JK2e_zRbqm7GruEHwtORDpJt59nL5akgW7EysxLruZ912zyoGCejtsYIhI2w0RAgRHaZlE7VA6fZiIabkDuZYfT4WGz43HMgKRBh8_IN7FZX5qgT5VhHVV8phfOIPnYRpiJcdS1SHoNq7-NvP3GhFdMwnwrgJMs7DQ1akvJEWvgj0v1qN5RuilpbFB--HIqirS5PxEbJof2F_Tyoo5BXgtH7cm1pqAMPFSVxcWwouPvQnyJ6qbB_V5OuQ11VxGxC0WS9zpVbOVs6ab7It_qihYUXvqSsJhfXa7WmagNimnJ9nbr7C_kg5yPJ1YCK5uLob5TLEwvBoRqRklIO7l71UboK2Tj2ghYHtL_v-pV84wVVt4xATt1rJupNYHuhdndE7AlpxAYeTKK23ebcLOuB9jwJ5erTpt9yTUBtN-M-8985PwRUA0lfBI1gEISbSJuNVGUSKKyuGgxvOmjF5Vk6m7f5X86d3bPK8QPw0L_NADRZ2G7wLfP7g60m0JIrwJh5oiYhskPSk1V8L5i4-EdP1AbmWtnXfTLhWk9OgVgSS0xMftiYlDuZNHzT3byt46Fxz5-I3Q4ZHs5tAieXyBHCLuYaDgNqXnDj19-1xCCxCDRdvi5_iHCRWCGzRAgTrKebcBmE2FW9MvUWoZu1V9yVV3OZ6udNbCFhrHGVofT_FWQGFEdOdwnsPkempZgL_sntsbH_mKPEcW2S28fJ5FTCgEJC5SkLopJx19Hb6fRF8Q8YuFpo9Dx5V6ZGAnYs1WrF6nbldmUfybjzXo8U8o_fVFW0ccHqI2tEjhu6wt5jwWsl99aI1gCXi70AaN2ZaCQVB5zeC20XjvepmuX1RqLfx1Ws6xAS2QeVu1fpmWkDKqB24tM5Td0iBCurC0fF5bLoxEYKx2bN9vwF7kzMve_0936xdck1y5HdrNEci0fWRFTV9-YhJuI8_RasTKZtDsNU0v4fVyhdaW3mrQAbdC8nIKmBqMEwuKzw9zKxuVR-p8sapoippxh5AAEM3YycqSowoMfC9VWjPDqDZA-Y45HUZEL0ZhGGJXOUK7FMqZ2IadK87ynVCnTnNqBeFq2YbEuZurIfhzRhg/wp/0.030913/tr/0.012365/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D96227314da594cfdb4b43761e06a2988%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655935%26rts%3D1677559655830%26ari%3D75314503184548edbd7ed305d6a447cc%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D58180ade-aa41-474d-a801-8ee8d1d71032%26rdm%3D1%26rd%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 28 Feb 2023 05:06:28 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 2D0B 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/KnhB-H7QCuiy_oJwmzAufj8VHw9atOjVFyRwPiFpaIEj12byblRY4whUngoI0RvFl5j3i7Y4Xkq3TuCSqpnFfw-GvOaOSKMgSgG4jfTrjJMpG9m_oCacTQQ3cbmDPIIl1atI7qd0Hd629fymTtU_e5QJL83_ytT1Tqm_2yr52Hs0acWn2aAqUWeDJcY_gJJMUyY-SfyQVnHBwH-U48KOGfwPMp777HaAJF4xQWjIO5ZyYjBAr1a5_Si3hLzrUn-irfED9IBYEzEEYNe6sGhI2hQqrwKXTcOo0yMG409Os8t-ge-fJGxkC3rvpZcjahlI6uFA1InDrNC6OzF0xnxTeGa9xzdQptuChfBTz9zd_oGqparw5xZoO6DDh1wQExV2k6-xy3nQn4QOAEi2s-t1lIXzeFaf__B7HEowS2r7D_F4H9hAZC79X9ew3u-Jw4VSQ3JK2e_zRbqm7GruEHwtORDpJt59nL5akgW7EysxLruZ912zyoGCejtsYIhI2w0RAgRHaZlE7VA6fZiIabkDuZYfT4WGz43HMgKRBh8_IN7FZX5qgT5VhHVV8phfOIPnYRpiJcdS1SHoNq7-NvP3GhFdMwnwrgJMs7DQ1akvJEWvgj0v1qN5RuilpbFB--HIqirS5PxEbJof2F_Tyoo5BXgtH7cm1pqAMPFSVxcWwouPvQnyJ6qbB_V5OuQ11VxGxC0WS9zpVbOVs6ab7It_qihYUXvqSsJhfXa7WmagNimnJ9nbr7C_kg5yPJ1YCK5uLob5TLEwvBoRqRklIO7l71UboK2Tj2ghYHtL_v-pV84wVVt4xATt1rJupNYHuhdndE7AlpxAYeTKK23ebcLOuB9jwJ5erTpt9yTUBtN-M-8985PwRUA0lfBI1gEISbSJuNVGUSKKyuGgxvOmjF5Vk6m7f5X86d3bPK8QPw0L_NADRZ2G7wLfP7g60m0JIrwJh5oiYhskPSk1V8L5i4-EdP1AbmWtnXfTLhWk9OgVgSS0xMftiYlDuZNHzT3byt46Fxz5-I3Q4ZHs5tAieXyBHCLuYaDgNqXnDj19-1xCCxCDRdvi5_iHCRWCGzRAgTrKebcBmE2FW9MvUWoZu1V9yVV3OZ6udNbCFhrHGVofT_FWQGFEdOdwnsPkempZgL_sntsbH_mKPEcW2S28fJ5FTCgEJC5SkLopJx19Hb6fRF8Q8YuFpo9Dx5V6ZGAnYs1WrF6nbldmUfybjzXo8U8o_fVFW0ccHqI2tEjhu6wt5jwWsl99aI1gCXi70AaN2ZaCQVB5zeC20XjvepmuX1RqLfx1Ws6xAS2QeVu1fpmWkDKqB24tM5Td0iBCurC0fF5bLoxEYKx2bN9vwF7kzMve_0936xdck1y5HdrNEci0fWRFTV9-YhJuI8_RasTKZtDsNU0v4fVyhdaW3mrQAbdC8nIKmBqMEwuKzw9zKxuVR-p8sapoippxh5AAEM3YycqSowoMfC9VWjPDqDZA-Y45HUZEL0ZhGGJXOUK7FMqZ2IadK87ynVCnTnNqBeFq2YbEuZurIfhzRhg/wp/0.030913/tr/0.012365/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D96227314da594cfdb4b43761e06a2988%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655935%26rts%3D1677559655830%26ari%3D75314503184548edbd7ed305d6a447cc%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D58180ade-aa41-474d-a801-8ee8d1d71032%26rdm%3D1%26rd%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 02:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
WSX55W1NG9WDHJJ9
age
8307
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
ogeAQWlRQ1m7h2OEzc94I1VJUVUP+Hy1kvgZjrXcP62pzMmpb9j8aYqRXHbYJXKcluPzHEUxP4A=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
impl_v95.js
www.googletagservices.com/dcm/ Frame 6D35 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 19:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 19:32:50 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame 2D0B 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 19:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 19:32:50 GMT
container.html
3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDD9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:36 GMT
expires
Wed, 28 Feb 2024 04:47:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
pagead2.googlesyndication.com/bg/ Frame 63E9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 09:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
156430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14401
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 09:20:27 GMT
B28320074.349771445;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=p82mzf;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df901797...
ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/ Frame 6D35 		57 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=p82mzf;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D4785f59d1823405f9dd2634cefa3dbc1%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96914b017979eb7c3bf134c4010092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655930%26rts%3D1677559655832%26ari%3Db581292306f942459e4a3808a8bf16aa%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D6f8480ae-a75b-4da5-a1a2-4e8dee4d1ddf%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FOMG4NKwLXhxIB1Z0VB8r_3c9GhMzwqOJKdCe1iQxd3newjzU3ZkW8Ot-xerTs9hSEsqNaP0UC3RQbxpolEmY8pnBGxlhavoIactnoGIHiscoEkTySO4bYskbLE1w-PbZSb3fHKsDKk_HfYheNq4a9DkAQOhl7VcBpc4JAmJ8EoE5Qv9rGECVx_yDsypiM1-g2v-MLccangD7V_6Ls82nui8MNPxc3rJLiefxgPRPtCQTw3ZFj8e6hGhVOR7a335AgKecb3jwg2ZrXGPjwKthS1UNhB1TZFIXC1Vpt1nfxiPdMtwVe8PiLA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=36;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
cafe /
Resource Hash
50677ec62115e1f9bbc8e76964465afd96d13e6d37d5f8c6e5af5ddfbfdfe8a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27823
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B28320074.346964946;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;rc=1;ord=b7qche;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f1311...
ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/ Frame 2D0B 		57 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.346964946;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;rc=1;ord=b7qche;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D96227314da594cfdb4b43761e06a2988%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655935%26rts%3D1677559655830%26ari%3D75314503184548edbd7ed305d6a447cc%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D58180ade-aa41-474d-a801-8ee8d1d71032%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fy-FWMpFMoWb1sYsV1jfLcp7F80fdnxtF6IygPRt3BhB8NFdIDMkO65Mld84KNkL2thzlWRVpExgdU_5CCCHSuObBYpDG389C3-kLg4L6Gtv-6_mHmDfJA6_QV4b0u-ZvxrJfoN7b8f_A0CJKud8upKG0Gc8IBn0ILN76fElyNRkk3zYJemFulag9qVGboUaRgIyv9IwQ06nz-fDDPIYVh8xeoIfTWOSnoi_6OPv3j8rFReq0IsILC89EFLuRTa2KBiKl_Th1n_2jywc26BrBtV7HotnD-vb-oQZArdeprB4%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=38;rcsrc=h;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
cafe /
Resource Hash
b3af49db02db719fddf05b025b22d32227228781ac8cf7953991f778362faa20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27595
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EDD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C26LhaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTzAU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIPS5NeCLVIY4i_E-uVwwmcbWzhHidsmi3kjS_rjA-wUQxBoYwgTCOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTYwMjUxOTUwMjYxODI2Mhj63nw&sigh=2lBVU9IV0Lw&uach_m=[UACH]&cid=CAQSSwDUE5ymoArVtdNrzHCcfkX7Y3bl9toDu4muRhBUvjxooTSNk3Y8HtNphtZb9AEnrwY4oJhppa2N4OldWSM1_k5vX6gCXnkECQrJmRgB
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame EDD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMWDFdj-BqwC-gHgvNldAgAAADJCIdTnX8kaEGiH_WM1wxDePVSCA7QyAAASAAAKDkFRVUJEUVlCRFFFQkRR&wp=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
140734
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 32EA 		50 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
9d84a493ce54df793827648468f1b860ee21de67be8dd81d818d40ae68e5ffad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=W_Db30Fj8ZQWIixj_91KriWZdPGaDa4ofJccmlNjAY_6DmaA26YTDN0pKisE1FZwp_pgxpK_Z9Hh_cyYueZ-0Hr9mqWioKribXs4QCloBzknGNyDeLtG8uBpPBEJVICCDBLIG1iv1p_k-pLm0hHCu8fngEPZagWdxwVuCJ0e2IjsuGu2I5B9ud2T2X5D-uAqLyGS2xdymDTyxDUk7x3XWiBEG64mmiMoLRLaugeSykx87ivQSSP1dZAbeptReE1C767H2A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2968379
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame EDD9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 23:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 23:01:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame EDD9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 20:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
28725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 20:48:52 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EDD9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
477680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Feb 2024 16:06:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EDD9 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:37 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/ Frame 6D35 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=p82mzf;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D4785f59d1823405f9dd2634cefa3dbc1%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96914b017979eb7c3bf134c4010092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655930%26rts%3D1677559655832%26ari%3Db581292306f942459e4a3808a8bf16aa%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D6f8480ae-a75b-4da5-a1a2-4e8dee4d1ddf%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FOMG4NKwLXhxIB1Z0VB8r_3c9GhMzwqOJKdCe1iQxd3newjzU3ZkW8Ot-xerTs9hSEsqNaP0UC3RQbxpolEmY8pnBGxlhavoIactnoGIHiscoEkTySO4bYskbLE1w-PbZSb3fHKsDKk_HfYheNq4a9DkAQOhl7VcBpc4JAmJ8EoE5Qv9rGECVx_yDsypiM1-g2v-MLccangD7V_6Ls82nui8MNPxc3rJLiefxgPRPtCQTw3ZFj8e6hGhVOR7a335AgKecb3jwg2ZrXGPjwKthS1UNhB1TZFIXC1Vpt1nfxiPdMtwVe8PiLA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=36;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 19:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
34738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 19:08:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6D35 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFmP_5xV0-jvNcVrghDM7b_DzJAvmKPcmpJwu08SIDdv0eaBROaF9q-FCObTS4nvAjBiCtSkMkX3bc6lepUTVgPlrC2DCtQcHZ-dyc4SOtcI138KQGwON-EImv_4KQtfxEQQVxtqSIXL5_E8NhqJkAevSsRg&sai=AMfl-YSVoBzSEJ_4joMEIfCW8NBI6Xh3x1qx6HbQZILUqNGfVrj865ziM7tpM25gA8wm5YztrvvUPy9WpaB5rNrPqQGllvyNXHNgVijNzQ&sig=Cg0ArKJSzNcHA_cvCdsTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230223.70252&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=p82mzf;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D4785f59d1823405f9dd2634cefa3dbc1%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96914b017979eb7c3bf134c4010092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655930%26rts%3D1677559655832%26ari%3Db581292306f942459e4a3808a8bf16aa%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D6f8480ae-a75b-4da5-a1a2-4e8dee4d1ddf%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FOMG4NKwLXhxIB1Z0VB8r_3c9GhMzwqOJKdCe1iQxd3newjzU3ZkW8Ot-xerTs9hSEsqNaP0UC3RQbxpolEmY8pnBGxlhavoIactnoGIHiscoEkTySO4bYskbLE1w-PbZSb3fHKsDKk_HfYheNq4a9DkAQOhl7VcBpc4JAmJ8EoE5Qv9rGECVx_yDsypiM1-g2v-MLccangD7V_6Ls82nui8MNPxc3rJLiefxgPRPtCQTw3ZFj8e6hGhVOR7a335AgKecb3jwg2ZrXGPjwKthS1UNhB1TZFIXC1Vpt1nfxiPdMtwVe8PiLA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=36;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6D35 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=p82mzf;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D4785f59d1823405f9dd2634cefa3dbc1%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96914b017979eb7c3bf134c4010092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655930%26rts%3D1677559655832%26ari%3Db581292306f942459e4a3808a8bf16aa%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D6f8480ae-a75b-4da5-a1a2-4e8dee4d1ddf%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FOMG4NKwLXhxIB1Z0VB8r_3c9GhMzwqOJKdCe1iQxd3newjzU3ZkW8Ot-xerTs9hSEsqNaP0UC3RQbxpolEmY8pnBGxlhavoIactnoGIHiscoEkTySO4bYskbLE1w-PbZSb3fHKsDKk_HfYheNq4a9DkAQOhl7VcBpc4JAmJ8EoE5Qv9rGECVx_yDsypiM1-g2v-MLccangD7V_6Ls82nui8MNPxc3rJLiefxgPRPtCQTw3ZFj8e6hGhVOR7a335AgKecb3jwg2ZrXGPjwKthS1UNhB1TZFIXC1Vpt1nfxiPdMtwVe8PiLA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=36;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 22:32:00 GMT
11554287356709870756
s0.2mdn.net/simgad/ Frame 6D35 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11554287356709870756
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::95 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c052d6fef78cbb874f5ed3ad653b66c386994c9a433e8d468f7ec74adac677f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 00:10:41 GMT
x-content-type-options
nosniff
age
103016
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44645
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 03:08:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 00:10:41 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3AA9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=175407&cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Requested by
Host: service.idsync.analytics.yahoo.com
URL: https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55944,55859,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
5c0b6ffc1eef89682e1eaa3f44083732df26e04839ccc97d2c4e308575977236

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1870
Content-Type
text/html
Date
Tue, 28 Feb 2023 04:47:38 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Tue, 28 Feb 2023 04:47:38 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
c1.adform.net/serving/cookie/match/ Frame 6D35 		35 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=0&gdpr_consent=&curl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d0%26gdpr_consent%3d
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
setuid
ib.adnxs.com/prebid/ Frame 6D35
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-wi7Y2GpE2uHxhOBQF9tXRG1mKuCKqg--~A&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-wi7Y2GpE2uHxhOBQF9tXRG1mKuCKqg--~A&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
HTTP/1.1
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:37 GMT
AN-X-Request-Uuid
16a5cb35-0ca8-4696-805d-809ded5b4825
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-wi7Y2GpE2uHxhOBQF9tXRG1mKuCKqg--~A&gdpr=0
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58281/ Frame 6D35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kZ25EdndsRTJ1RXo3YnBSajlNdHVqR0xWXzRWcnNDVX5B&gdpr=0&gdpr_consent=&_origin=0
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6D35
Redirect Chain
  • https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdp...
  • https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=4201761885516150637312&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-xvKgUANE2uKHkyqQdhV4m1XDgWxRoqgP~A&ums2=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 04:47:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
sync
ups.analytics.yahoo.com/ups/56613/ Frame 6D35 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/56613/sync?_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58456/ Frame 6D35
Redirect Chain
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true
  • https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GOvfJLZH5OUScR_HTLiN8b8J
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GOvfJLZH5OUScR_HTLiN8b8J
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Tue, 28 Feb 2023 04:47:38 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GOvfJLZH5OUScR_HTLiN8b8J
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame 6D35
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_conse...
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=fa36b57f-8ad8-4299-88f9-800539bb5880
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=fa36b57f-8ad8-4299-88f9-800539bb5880
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=fa36b57f-8ad8-4299-88f9-800539bb5880
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58160/ Frame 6D35
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LENRPG73-J-9NF0&gdpr=0
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LENRPG73-J-9NF0&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LENRPG73-J-9NF0&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
sync
ups.analytics.yahoo.com/ups/58529/ Frame 6D35
Redirect Chain
  • https://ads.yieldmo.com/verizonsync?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58529/sync?uid=g5fa4fcc65dcdba85831&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58529/sync?uid=g5fa4fcc65dcdba85831&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://ups.analytics.yahoo.com/ups/58529/sync?uid=g5fa4fcc65dcdba85831&_origin=0&gdpr=0&gdpr_consent=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
sync
ups.analytics.yahoo.com/ups/58222/ Frame 6D35
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=vzn&ovsid=y-4I9.3u1E2uF6s3U6HgEwTe853YINtGGe~A&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3...
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3205612588092160000V10&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3205612588092160000V10&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 04:47:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3205612588092160000V10&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 04:47:38 GMT
sync
ups.analytics.yahoo.com/ups/58280/ Frame 6D35
Redirect Chain
  • https://match.sharethrough.com/fUD7hqXV/v2?_origin=0
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=a0e1a3b3-5507-477b-86a5-c146387d462d&_origin=0
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58280/sync?uid=a0e1a3b3-5507-477b-86a5-c146387d462d&_origin=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58280/sync?uid=a0e1a3b3-5507-477b-86a5-c146387d462d&_origin=0
date
Tue, 28 Feb 2023 04:47:37 GMT
content-length
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D35 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:37 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/ Frame 2D0B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.346964946;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;rc=1;ord=b7qche;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D96227314da594cfdb4b43761e06a2988%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655935%26rts%3D1677559655830%26ari%3D75314503184548edbd7ed305d6a447cc%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D58180ade-aa41-474d-a801-8ee8d1d71032%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fy-FWMpFMoWb1sYsV1jfLcp7F80fdnxtF6IygPRt3BhB8NFdIDMkO65Mld84KNkL2thzlWRVpExgdU_5CCCHSuObBYpDG389C3-kLg4L6Gtv-6_mHmDfJA6_QV4b0u-ZvxrJfoN7b8f_A0CJKud8upKG0Gc8IBn0ILN76fElyNRkk3zYJemFulag9qVGboUaRgIyv9IwQ06nz-fDDPIYVh8xeoIfTWOSnoi_6OPv3j8rFReq0IsILC89EFLuRTa2KBiKl_Th1n_2jywc26BrBtV7HotnD-vb-oQZArdeprB4%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=38;rcsrc=h;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 19:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
34738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 19:08:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2D0B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueKtns6uCDKk8Rwq1y4Z7x2mzHEBcq_alrTgkMT5zBLtr0Y85Pq0kslsm54edCarbqw22HnbL7Pz3LQhiYGqjNlI3hQ2iBktcNZh70ztPtbeFvSGMdEmIP6svrhx3srDblpgy7IxniwJTXFYab93ZX43ieAw&sai=AMfl-YQDUYqTr28tvOxh2nU-ROVll8pJhN9R5xivaHTav9CknsDMWm6GlIJ6I24Kp9I9c96YtcJjOstqdtn0eYFWfDuRZ8Ui4lRZ4g1axQ&sig=Cg0ArKJSzNwXaFh5SQ_3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230223.40128&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.346964946;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;rc=1;ord=b7qche;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D96227314da594cfdb4b43761e06a2988%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655935%26rts%3D1677559655830%26ari%3D75314503184548edbd7ed305d6a447cc%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D58180ade-aa41-474d-a801-8ee8d1d71032%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fy-FWMpFMoWb1sYsV1jfLcp7F80fdnxtF6IygPRt3BhB8NFdIDMkO65Mld84KNkL2thzlWRVpExgdU_5CCCHSuObBYpDG389C3-kLg4L6Gtv-6_mHmDfJA6_QV4b0u-ZvxrJfoN7b8f_A0CJKud8upKG0Gc8IBn0ILN76fElyNRkk3zYJemFulag9qVGboUaRgIyv9IwQ06nz-fDDPIYVh8xeoIfTWOSnoi_6OPv3j8rFReq0IsILC89EFLuRTa2KBiKl_Th1n_2jywc26BrBtV7HotnD-vb-oQZArdeprB4%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=38;rcsrc=h;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2D0B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.346964946;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;rc=1;ord=b7qche;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D96227314da594cfdb4b43761e06a2988%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655935%26rts%3D1677559655830%26ari%3D75314503184548edbd7ed305d6a447cc%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D58180ade-aa41-474d-a801-8ee8d1d71032%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fy-FWMpFMoWb1sYsV1jfLcp7F80fdnxtF6IygPRt3BhB8NFdIDMkO65Mld84KNkL2thzlWRVpExgdU_5CCCHSuObBYpDG389C3-kLg4L6Gtv-6_mHmDfJA6_QV4b0u-ZvxrJfoN7b8f_A0CJKud8upKG0Gc8IBn0ILN76fElyNRkk3zYJemFulag9qVGboUaRgIyv9IwQ06nz-fDDPIYVh8xeoIfTWOSnoi_6OPv3j8rFReq0IsILC89EFLuRTa2KBiKl_Th1n_2jywc26BrBtV7HotnD-vb-oQZArdeprB4%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=38;rcsrc=h;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 22:32:00 GMT
10254443079378254852
s0.2mdn.net/simgad/ Frame 2D0B 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10254443079378254852
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::95 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5777913e0a429e8b12826d62bdc439f40b1069b4bd3d1debce8682dd685179a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:07:17 GMT
x-content-type-options
nosniff
age
391220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105151
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 00:47:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Feb 2024 16:07:17 GMT
setuid
ib.adnxs.com/prebid/ Frame 2D0B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-wi7Y2GpE2uHxhOBQF9tXRG1mKuCKqg--~A&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-wi7Y2GpE2uHxhOBQF9tXRG1mKuCKqg--~A&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
HTTP/1.1
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
AN-X-Request-Uuid
912befc5-7117-4587-b6a2-0ede65b6ec12
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-wi7Y2GpE2uHxhOBQF9tXRG1mKuCKqg--~A&gdpr=0
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58281/ Frame 2D0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kZ25EdndsRTJ1RXo3YnBSajlNdHVqR0xWXzRWcnNDVX5B&gdpr=0&gdpr_consent=&_origin=0
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ebda
eb2.3lift.com/ Frame 2D0B
Redirect Chain
  • https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=4201761885516150637312&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-xvKgUANE2uKHkyqQdhV4m1XDgWxRoqgP~A&ums2=1
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDIwMTc2MTg4NTUxNjE1MDYzNzMxMg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/56613/ Frame 2D0B 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/56613/sync?_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: service.idsync.analytics.yahoo.com
URL: https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58456/ Frame 2D0B
Redirect Chain
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true
  • https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GOvfJLZH4JgXwGfqTMmcn0Ag
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GOvfJLZH4JgXwGfqTMmcn0Ag
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Tue, 28 Feb 2023 04:47:38 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GOvfJLZH4JgXwGfqTMmcn0Ag
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
c1.adform.net/serving/cookie/match/ Frame 2D0B 		35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=0&gdpr_consent=&curl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d0%26gdpr_consent%3d
Requested by
Host: service.idsync.analytics.yahoo.com
URL: https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
usermatch
ssum-sec.casalemedia.com/ Frame DDC9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=175407&cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Requested by
Host: service.idsync.analytics.yahoo.com
URL: https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
de1ece045b6dfcebd8b79656d7dceed989bc33b05b8f2427c74f5dc060e1bc26

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1809
Content-Type
text/html
Date
Tue, 28 Feb 2023 04:47:38 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Tue, 28 Feb 2023 04:47:38 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync
ups.analytics.yahoo.com/ups/58294/ Frame 2D0B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D...
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=fa36b57f-8ad8-4299-88f9-800539bb5880
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=fa36b57f-8ad8-4299-88f9-800539bb5880
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=fa36b57f-8ad8-4299-88f9-800539bb5880
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58160/ Frame 2D0B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LENRPG73-J-9NF0&gdpr=0
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LENRPG73-J-9NF0&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LENRPG73-J-9NF0&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
sync
ups.analytics.yahoo.com/ups/58529/ Frame 2D0B
Redirect Chain
  • https://ads.yieldmo.com/verizonsync?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58529/sync?uid=g5fa4fcc65dcdba85831&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58529/sync?uid=g5fa4fcc65dcdba85831&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://ups.analytics.yahoo.com/ups/58529/sync?uid=g5fa4fcc65dcdba85831&_origin=0&gdpr=0&gdpr_consent=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
sync
ups.analytics.yahoo.com/ups/58222/ Frame 2D0B
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=vzn&ovsid=y-4I9.3u1E2uF6s3U6HgEwTe853YINtGGe~A&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3...
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3205612588092160000V10&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3205612588092160000V10&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 04:47:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3205612588092160000V10&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 04:47:38 GMT
sync
ups.analytics.yahoo.com/ups/58280/ Frame 2D0B
Redirect Chain
  • https://match.sharethrough.com/fUD7hqXV/v2?_origin=0
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=a0e1a3b3-5507-477b-86a5-c146387d462d&_origin=0
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58280/sync?uid=a0e1a3b3-5507-477b-86a5-c146387d462d&_origin=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58280/sync?uid=a0e1a3b3-5507-477b-86a5-c146387d462d&_origin=0
date
Tue, 28 Feb 2023 04:47:37 GMT
content-length
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D0B 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:37 GMT
truncated
/ Frame EDD9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cac1d05e82e4393ef6c051c1042f249c179999282a833e22c827846e1ab61b68

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 32EA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:37 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 32EA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 32EA 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Feb 2024 04:47:37 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 32EA 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Feb 2024 04:47:37 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 32EA 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=xn8eTEidIvtH5iFnR4Zd_vkC0ccjo76ctaECYazw7JNrzT-j65XzgqfHNt95Pos-xIESSPSiUnPTBfFY5S-HKN9swEsdrv_cTfyNUXL2tDIQR148-7BkMwacv1NUDjXN1ZEyoZ-S36INm-wncnCbm5tS9jCQX192kVuoQV7INYRsBBXb9JN8KVklYpsQa-BBbA2FLjMYad6gRu1t2u8f5SEnzfx3yRmVF9YcyXv75NVKKhzI9uxEi7BL5DtzztTHEQl2vRnCdwylVUUkYenrefNNvk8pW3DJsUaVrs3Un7pNq2WNETGNI4cQ2Z-X6WQSR5C6hoH5ojLpuySYz4lOnkf1u6c8n5lxY7hsz_ES8HWbvPIgeTEXeoJ5xdERiSs__gqOz5qZJ9WTnvN6NnGSYbVKmiaZlVr16HMGXXImNVpclDdnQnr5zp9GTGdlu39t7K5WQw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7606588
expires
Mon, 26 Jul 1997 05:00:00 GMT
396c5a96b2744665a4ab15ab106665fc_image_ad_300x250.gif
static.criteo.net/design/dt/81802/230220/ Frame 32EA 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/81802/230220/396c5a96b2744665a4ab15ab106665fc_image_ad_300x250.gif
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
01e1f7fd45eb292a1bd3017cdd9c6db612c8b71fc7867c4a8404abb651f86f15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 20 Feb 2023 17:59:52 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63f3b518-974c"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
38732
expires
Fri, 23 Feb 2024 04:47:37 GMT
container.html
3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4CC6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:36 GMT
expires
Wed, 28 Feb 2024 04:47:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6D35 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFmP_5xV0-jvNcVrghDM7b_DzJAvmKPcmpJwu08SIDdv0eaBROaF9q-FCObTS4nvAjBiCtSkMkX3bc6lepUTVgPlrC2DCtQcHZ-dyc4SOtcI138KQGwON-EImv_4KQtfxEQQVxtqSIXL5_E8NhqJkAevSsRg&sai=AMfl-YSVoBzSEJ_4joMEIfCW8NBI6Xh3x1qx6HbQZILUqNGfVrj865ziM7tpM25gA8wm5YztrvvUPy9WpaB5rNrPqQGllvyNXHNgVijNzQ&sig=Cg0ArKJSzNcHA_cvCdsTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=210&vt=11&dtpt=209&dett=2&cstd=0&cisv=r20230223.70252&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=p82mzf;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D4785f59d1823405f9dd2634cefa3dbc1%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96914b017979eb7c3bf134c4010092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655930%26rts%3D1677559655832%26ari%3Db581292306f942459e4a3808a8bf16aa%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D6f8480ae-a75b-4da5-a1a2-4e8dee4d1ddf%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FOMG4NKwLXhxIB1Z0VB8r_3c9GhMzwqOJKdCe1iQxd3newjzU3ZkW8Ot-xerTs9hSEsqNaP0UC3RQbxpolEmY8pnBGxlhavoIactnoGIHiscoEkTySO4bYskbLE1w-PbZSb3fHKsDKk_HfYheNq4a9DkAQOhl7VcBpc4JAmJ8EoE5Qv9rGECVx_yDsypiM1-g2v-MLccangD7V_6Ls82nui8MNPxc3rJLiefxgPRPtCQTw3ZFj8e6hGhVOR7a335AgKecb3jwg2ZrXGPjwKthS1UNhB1TZFIXC1Vpt1nfxiPdMtwVe8PiLA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=36;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6D35 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR_4g-xZUwx36IkMxBlROGiKze7HpvpSs_swSzczNNN2dKY9V87Z76v4KbrJpNJsj0ZQWATF5er81xyNZEyYb3Z1DCLJiugxo2S42bwojz7_vKuI8-BVg2h4qhZBcncPASlIQDE1QZxH6UnDljGKamz88jwmAr2iIiF7WIlvM2pfVylUMYqv41ikykfOtvHFaWpX2oN2PXvErZQNlG2wmGJHexDUSKVmup0G2qkCG09lzE0E5q7iL8rO1c0JOOrKyda6rp64evlR23IBZFiahX15tUGckNkAKBLZY8NTn0NJM2jRUbhXpKsM4DUYsxNGkm-5wagWtikHjFzMD8ft6dn80&sai=AMfl-YRv4lLTpkRwlciMPURLEBlH97BJ1ftvcuQ8d1zIymFc054--5_iEd6CjjrVEnqDs2RoKCimTAy6-MXauCc4BkNdk-Ix9FiU5m67JLpQtMk874A8NsASstK00zcqDiby3pHntqMA9uSgrW6iGsk&sig=Cg0ArKJSzBXbRaAGhR9TEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2D0B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueKtns6uCDKk8Rwq1y4Z7x2mzHEBcq_alrTgkMT5zBLtr0Y85Pq0kslsm54edCarbqw22HnbL7Pz3LQhiYGqjNlI3hQ2iBktcNZh70ztPtbeFvSGMdEmIP6svrhx3srDblpgy7IxniwJTXFYab93ZX43ieAw&sai=AMfl-YQDUYqTr28tvOxh2nU-ROVll8pJhN9R5xivaHTav9CknsDMWm6GlIJ6I24Kp9I9c96YtcJjOstqdtn0eYFWfDuRZ8Ui4lRZ4g1axQ&sig=Cg0ArKJSzNwXaFh5SQ_3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&vt=11&dtpt=196&dett=2&cstd=0&cisv=r20230223.40128&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.346964946;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666931;rc=1;ord=b7qche;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D96227314da594cfdb4b43761e06a2988%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1677559655935%26rts%3D1677559655830%26ari%3D75314503184548edbd7ed305d6a447cc%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D58180ade-aa41-474d-a801-8ee8d1d71032%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fy-FWMpFMoWb1sYsV1jfLcp7F80fdnxtF6IygPRt3BhB8NFdIDMkO65Mld84KNkL2thzlWRVpExgdU_5CCCHSuObBYpDG389C3-kLg4L6Gtv-6_mHmDfJA6_QV4b0u-ZvxrJfoN7b8f_A0CJKud8upKG0Gc8IBn0ILN76fElyNRkk3zYJemFulag9qVGboUaRgIyv9IwQ06nz-fDDPIYVh8xeoIfTWOSnoi_6OPv3j8rFReq0IsILC89EFLuRTa2KBiKl_Th1n_2jywc26BrBtV7HotnD-vb-oQZArdeprB4%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fo3zyl3g7$0;xdt=0;crlt=*yNZxi*WdE;gcsr=m;stc=1;chaa=1;sttr=38;rcsrc=h;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2D0B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthfTncNRL7FaVXc7biE6k_VKeH6GCoBvtb1eHNyn3t0Oa9pArhbACf2rAPA7_lcb136EcyLG_hyfyd62m6mPI4D10o7YOBJi6LHvL2F81hNa5CjD2lL2Mp_9o1b3zXj0JMSkmKlC13ClTTXX-W6dAUDL6-kb1BB6XsB38Iu3CQkLF-Wgys8AUXuxJWZ-MWDPLZy0DdikzNGdRu-lYOZ7u17G1HcrpT02Pcvt9eqVPu-HxCNaUULI4TGAm2Sqqsb7hvj4jjFS2Uj1uKL3sKuExWnv4kdo6azk3mnFE-5KOivpQij6nemzyvqYuxspLNwmm4BOm_4Ub1LvScM9H7G4NDkjY&sai=AMfl-YS9WSYuyZjsKwFqSX9_4SLw5EL0iuICUWqyGeypv915n74XkeBfqJst40V12UKgAlEWDpLfUYw21uO3oYP-dk4uN8Qny9NOM34XJFOULXw4RtzuC4cE0EJF9dS0YQYHQo4cveR8CSBW6j5XD4c&sig=Cg0ArKJSzKuTX9A02ILUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:37 GMT
all
csm.as.criteo.net/ Frame 32EA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=W_Db30Fj8ZQWIixj_91KriWZdPGaDa4ofJccmlNjAY_6DmaA26YTDN0pKisE1FZwp_pgxpK_Z9Hh_cyYueZ-0Hr9mqWioKribXs4QCloBzknGNyDeLtG8uBpPBEJVICCDBLIG1iv1p_k-pLm0hHCu8fngEPZagWdxwVuCJ0e2IjsuGu2I5B9ud2T2X5D-uAqLyGS2xdymDTyxDUk7x3XWiBEG64mmiMoLRLaugeSykx87ivQSSP1dZAbeptReE1C767H2A&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame 32EA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAGxm4KaONFAAdfMiUaNZYpHdvfim7_2A&u=%7CQM%2BOFsbANfpjDlCGQr7QH8PdalNBe%2Fo5aPLBLA9wJOM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uQoY01BbuO_YWcpTssNRl07V3bvaUTG35PnnPfsSbytuY0OBePIi-_ON8y34rToh8NxF3Ut1OHc8gT3HfGlrsUqvUDfEt8om06PL3B8aKaFwasssAHm3m23hkD_rSKCfXsxWo59e-7SGXEJIZX7dDNBjPxNtiUZiC210X_TCM8JiVGkM3FNliDHen3zh6i8BPhWQuThgsfXh1eJ4wiFP2oIUuQgDEAmUc7Rjez3PMsmdl-5QE6u9Kj6TeHYYF8K6WDoRKHO6DDSWkh0AfxoyJYvCyEtMHh28Jg_KZGN2RJQtUdhFcY5CY9FClyuRAa-XXNBob-zzdU7rSFlV6Gm6n9lCN-7B8ilWk_6ob1kyk7KIRGib4oXhprswAq1xIm1gKgZzSeIrju5G-ryn6QXkTDRVclhu5CuCswMmKG5KK307pvPEOcQIyty7zefyyXx4x4HmWF6dp0Zza_S-NZpSoZK3Uulkt9f9RpqdmI81uyei-875k6S4Ek7khW03iRN5t87blLaT2acmcO8Y78EVZOhpAsJ_42cxAYHAgq5dC_nuGriHlH0fPN8olXDz7Q3L3rtmVFLXzSI4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoZjaYf9Y-6MG8XGowOyvp3wDb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT2AU_QLzgGBueidtGWNjJRcHenh_uAPeR4D76h-hIgkz5g5dKqe6Ln9vbd6fg2biCPSaU4dGwke_FRscLKC5lWOtz4gLG0u42ZYW7IPwzlKuBtEHuacAmMzflz4GjaAM5sk7VwwlRmF5gZkXCoE57tljaskHLFQ8Wtp0ImP3Yg2tozgccfKWmihFUAhOmWu7HOYw7zPvev88qOcMipvZdCZjrWuUwIvnFe-mcn3M-pOzzmQkN3w1W4shKwKIe3mfdV8ScfiUdYT2x1tEsreIOQ5vYQrJm1jNVph1Sg7dLjES9NfNIIk-mEg9VW8VMKbwjrjb198mKFwOAEAYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3466K0vFS_v8TEudGogMFHBXEkvQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:37 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4CC6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6IWSaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTsAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_LlsVBRH_bBgIM9vrg4GsU7SH9xdd-RmEfo2H707qrB2h5F6DacV4AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xNzUwODU2MjM5MjA0NDE0GPrefA&sigh=mpmZcPFUdN0&uach_m=[UACH]&cid=CAQSTADUE5ymWpc8mMY2zyewXHROpxa3eNmMBPmg0oNjYYDmzX9kgdZ33zFAQWLUe7P5qBIjRiNO2CVr5GzLB-2q61ZToRz6H0JyGzz6ky8YAQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 4CC6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMWDFfezWawC-gHgvNldAgAAABhMXkAqKIAjEGmH_WPDXmoEImGu3x23AAASAAAKDkFRVUREUVlCRFFFQkRR&wp=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
186771
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 8316 		52 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6098754ee16daebcb0ada711f717b58cc46a4c1cfd709cc1223f2a60a62708c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=lbia_0Fj8ZQWIixjzDEn02o43KwPnAcjzQoYQqyNnuEx5qrnSjjKZYL00pRuO5z0ltWodyfB7WuL4Xt9utENLssHvouAj1WSv3UgBLa8NNUhxCUXD4C-q7EmErvRpwn00gpytCb2XNtyVWCxvOm6RArnKyOggZBkXZDa7ggCQHLOJsHHMiK9xVoPYCc2kH9x9QGGTgORYEgqjNmofPXncQcgSemntSj6-ehZWYMBe_QttwlA7088INl00dkyhZsugj-pkA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
6106801
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4CC6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 23:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20772
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 23:01:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4CC6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 20:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
28726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 20:48:52 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4CC6 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
477681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Feb 2024 16:06:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4CC6 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2858 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFjvNjqWaBjo8_eibxRnkERK94DMuTZrNjbPd2_tWNaz8MvVtvMYE74MX-PWrf5KvZv3Bg2JuRHrg6KFtY4AxCnqVeVRalBXbL-SetGsnRsnYYseYOSxqg5VdaFP3WGyIrX3roTAHFfDcRTC8k2Wn_j2V4Y9Zz5dq0A8QpnjA-DT0H1IsIo-wt6ElV6QvQC_CqOlyhBuJnCdwsSQ7yLMXbFNR2Ev37cHUjRUyZhYrqXNPpF-thPeymuMsfloev-0C0yzpi0HLGlMVjumN5ccSZhrzvFQNe5svyssUug2CsmIb-jpf-B55x6LgBzHVzCp-dqmpVaccmJTEGlO_cvQ&sai=AMfl-YQl2o7m58Zy1YnweVF3Dw4SnW1UEx8SwVTzoVwYdNu_V34U-i13fDZISiI-Jg5ab_1BdV_tQXBRHGajUsozaQK5bdCgSJKWc8Ktm-vPwRjvZEQ_nyrn-l4TAoRl7EJ0n0v4IKGZhH7UrCQxEjM&sig=Cg0ArKJSzDPaSJkgkGdBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
outbrain.js
widgets.outbrain.com/ Frame 2858 		195 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.241.105 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ade91296c87c0f63a6eba55019748f263e2ed8d0225b1e8cf7436e6e4bcf894a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
last-modified
Mon, 27 Feb 2023 09:39:06 GMT
etag
"24-aK4+lkkzUGbEVAbN7mdsKl4wwYM"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
a5526d00d6e2880a3234e665c0ab49aa
timing-allow-origin
*, *
content-length
71598
access-control-request-headers
X-OB-STG,X-OB-PRD
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2858 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:38 GMT
truncated
/ Frame 6D35 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd3f23d219f09c1818c8458fceb827a3184c2f5b731e90aefe5460ad72019aa7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2D0B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46f90725442b7c19d4e83a29758a482d4cc8e237ff0ed205089e677cd14d32b2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 1193 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYdtC-kVJfL_EcMAktV_HrsP_-8fhVA8RlqQlMymmx5rNNQmmYKBmugrFHcqdHPFqr9UlSrSd-7JsC0cUwRbedOEg&sig=Cg0ArKJSzI-Co9HnGNemEAE&id=lidar2&mcvt=1057&p=1105,436,1195,1164&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=759513158&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677559656941&rpt=84&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6836 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
555342
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Feb 2023 18:31:56 GMT
expires
Wed, 21 Feb 2024 18:31:56 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AA63 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
555342
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Feb 2023 18:31:56 GMT
expires
Wed, 21 Feb 2024 18:31:56 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dcm
s.amazon-adsystem.com/ Frame 3AA9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
35M1V2VYCQ3J33T4K566
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D8AQ2GV19PC2CM60ZDA8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3AA9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-2Han7pZgUREwcC7NCsAgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSlelmcnItNefMZb7x3AgA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSlelmcnItNefMZb7x3AgA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSlelmcnItNefMZb7x3AgA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3AA9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDXUYOxrSg-s1GjV51qkDWM&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDXUYOxrSg-s1GjV51qkDWM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDXUYOxrSg-s1GjV51qkDWM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3AA9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8617581c-fe7a-45a1-88ea-d9c42be8be2e&expiration=1680151658&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8617581c-fe7a-45a1-88ea-d9c42be8be2e&expiration=1680151658&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8617581c-fe7a-45a1-88ea-d9c42be8be2e&expiration=1680151658&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
rum
dsum-sec.casalemedia.com/ Frame 3AA9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2880075393854299393
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2880075393854299393
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2880075393854299393
pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3AA9 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 3AA9
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1693198058&external_user_id=86606a2e-a0c6-46ec-8593-6577f3f86e60
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1693198058&external_user_id=86606a2e-a0c6-46ec-8593-6577f3f86e60
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Tue, 28 Feb 2023 04:47:38 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1693198058&external_user_id=86606a2e-a0c6-46ec-8593-6577f3f86e60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3AA9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
H2
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3AA9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=0&redir2=true&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
H2
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame DDC9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7998148270748583470
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7998148270748583470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 28 Feb 2023 04:47:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d787f278-82ad-493b-a294-0b17f5009233
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7998148270748583470
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DDC9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aad563fd-8769-4d00-956a-16a72f02942f
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aad563fd-8769-4d00-956a-16a72f02942f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
MT3 530 4e92630 master hkg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aad563fd-8769-4d00-956a-16a72f02942f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Feb 2023 04:47:37 GMT
crum
dsum-sec.casalemedia.com/ Frame DDC9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE-B07H-w8AACCNFizZLg&expiration=1678769258
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE-B07H-w8AACCNFizZLg&expiration=1678769258
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE-B07H-w8AACCNFizZLg&expiration=1678769258
Date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame DDC9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y-2HagAAA2yuQQAh
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-2HagAAA2yuQQAh&_test=Y-2HagAAA2yuQQAh
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-2HagAAA2yuQQAh&_test=Y-2HagAAA2yuQQAh
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-bkk2310029-BKK
pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677559659.569678,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-2HagAAA2yuQQAh&_test=Y-2HagAAA2yuQQAh
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame DDC9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-2Han7pZgUREwcC7NCsAgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSlelmcnItNefMZb7x3AgA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSlelmcnItNefMZb7x3AgA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSlelmcnItNefMZb7x3AgA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DDC9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
H2
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame DDC9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=index_exchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y-2HasCo8YMAADfxVEYAAAAA
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y-2HasCo8YMAADfxVEYAAAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 28 Feb 2023 04:47:38 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=index_exchange","cluster_id":0,"gdpr":false,"ipv4":"209.58.162.217","key":"Y-2HasCo8YMAADfxVEYAAAAA","privacy_sensitive":false,"uid":"Y-2HasCo8YMAADfxVEYAAAAA","upstream_id":"m-ad125"}
X-SO-Key
Y-2HasCo8YMAADfxVEYAAAAA
X-SO-Upstream-ID
m-ad125
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad125.dc4p.scaleout.jp
X-SO-UID
Y-2HasCo8YMAADfxVEYAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
209.58.162.217
X-SO-Cluster-ID
0
Server
nginx
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y-2HasCo8YMAADfxVEYAAAAA
Cache-Control
private
X-SO-Ads-Time
5
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
crum
dsum-sec.casalemedia.com/ Frame DDC9
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AB13E9F4CF804DFDB8BB2CF6FA17A233
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AB13E9F4CF804DFDB8BB2CF6FA17A233
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AB13E9F4CF804DFDB8BB2CF6FA17A233
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 27 Feb 2023 04:47:38 GMT
Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DDC9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=0&redir2=true&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
H2
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB
date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8316 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8316 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8316 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Feb 2024 04:47:38 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8316 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Feb 2024 04:47:38 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 8316 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=WBjxox2tFA_jnKwKJnNeivreBRkazOy2nJUDzQ4VD2Mf2wrIJ01Gu904kco15IqwBdDiwM5zNXIlgIideXIk8JI9Z5hA4m3IUmq6wv93dGAAtfm_LTia_b96GhElYgH5VqOhlA4TwLrLd245yvyLpzG-f0oQRntahx8D61v292byj6KefnIU4ZVExbjqg-kQfZOWBZreKTfJLU9_eeJ2bACaHlmNNkjKEKiTZWYkhUWSnCkrJZrycjeoRuTgh0ZtCcPrKKptAzNKeaqrb7XXkBWznjck29-5Csv9y-lh55FFSxy4_8GSy76S9QlPgfj2-7M_DcyDMSnxPsTLPC6QWwWFXHLr9OZoUkMJpyF9AImNmoq2uYIa5Jqdwd2EvLFqYQX3YfwZSfGCGxiMIWYbzHc0W3H1PHL3okufA2YA3tB3im8E
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2611796
expires
Mon, 26 Jul 1997 05:00:00 GMT
396c5a96b2744665a4ab15ab106665fc_image_ad_300x250.gif
static.criteo.net/design/dt/81802/230220/ Frame 8316 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/81802/230220/396c5a96b2744665a4ab15ab106665fc_image_ad_300x250.gif
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
01e1f7fd45eb292a1bd3017cdd9c6db612c8b71fc7867c4a8404abb651f86f15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 20 Feb 2023 17:59:52 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63f3b518-974c"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
38732
expires
Fri, 23 Feb 2024 04:47:38 GMT
container.html
3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 325F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:36 GMT
expires
Wed, 28 Feb 2024 04:47:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all
csm.as.criteo.net/ Frame 8316 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=lbia_0Fj8ZQWIixjzDEn02o43KwPnAcjzQoYQqyNnuEx5qrnSjjKZYL00pRuO5z0ltWodyfB7WuL4Xt9utENLssHvouAj1WSv3UgBLa8NNUhxCUXD4C-q7EmErvRpwn00gpytCb2XNtyVWCxvOm6RArnKyOggZBkXZDa7ggCQHLOJsHHMiK9xVoPYCc2kH9x9QGGTgORYEgqjNmofPXncQcgSemntSj6-ehZWYMBe_QttwlA7088INl00dkyhZsugj-pkA&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame 8316 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAJYVkKaL1IAAbiSUaPxU6tckZbRiKYLQ&u=%7CQM%2BOFsbANfqNmS00sUH%2FVo7RjCCrXBcnJlPD0b%2Fqjuw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b-HgoKGHcDU0erJYQXuDDktRIjkjFqfWyKMJGk5gDpy6sljjR310IIxBqHD1trGK9Wa5Jc5W_xceYVpKRzgYVEDx3kUeGG_dzUZb1ctxNWBe1R_W1pV6atajQVHAo_qdXPbhoEi-FlUaZGASykmylGl5XpfITfDy1ll9CkdXMGYALl5hqgQbRk0BUZGEEIgZYIC6heCIoJjIY40VY3a-8jM6FSM_hMn44mivCqLHH7eGQkER2BMqp3y9NbFEhz7iHh0RqdsZs4FVjYE5j-rTNAj_lZbWDZo9ArUCwSZijdvqWNLliJ3-PQG1F32pduuRuvJggcsRJZk8cG3wQDC_S6qBIw_9sk-r5xcbjTLS21cYJzR2jr9e39IVJDlJFNoP1HLqd9y1PeEwEotZkP23mAjR_yDoyKRCm9u67wGR4D2SUPoYZnpHrpI00Q_hiFopFBVDuWkol50CpEO2cZ7Ii1PROSw9wbhBSVkIk_rrvfczlicAfWPJh9DhANaas6l5z5xR32GuTQcygfGMa7VFUgxv4K_rBaLKLgOFs-bPx1ld6me4OZOanIJzNbCi_beaC&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmC1kaYf9Y9nCJcj6ogPJxJvIA73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJ4AIAqAMBqgTvAU_QSslvZVDWJZ_SKJ3KOsJGsPGoC4SUXER94IB4TmpsyYv7Zs4Gk0wCPvEfzeKmLMEIG3nseBvk50XgcZSh279UBhjMUBVkNEf_nWCNUlT5-mXhVJU9doQeFEPL44DF8kN0bBFGaNYNAvJeFNKAQ8ai9lBNc9vBFV6eAR_PBtnLx04bW941_hb-_kFvgVip8BL01rlRwjZrzCeP8zYcM1z8fphzDeGAcUlIfwnJEsW4cTGtYvD8uap_m9liRyWCM0TJ5Tbv_PtudYbGNh0O2mISH94pBLaYCNaofsp-gV3-MAjJFa5anxKUuMnvLH134AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Qi7_CJ_jiEP057_nwdMY9YVj4DQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:38 GMT
truncated
/ Frame 4CC6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f9c0f456ef438213561c640e5284be12e358ba09dbd3121df50b196a7aa0432

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2858 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d75cddb432ae2991c9575f6fb6b5f299dc078644796c45fa33c643e7bcf4426b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
all
csm.as.criteo.net/ Frame 5AB9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=XbdZD0Fj8ZQWIixjQwtOxHpit67jPCAL7oVEIgM_njy1mT834VTfWu-MyajxVOUAaANgGHkClz6uamng7oWu1NeSVL24tf0Xm3eH8ewSusGDT9IKO-sehvfTZceU9FKlh3gwm_7R1IS0tygLxxxZz1PFwAwMI96DfR7TzUUQ17VyBU_tYi0otkGB4ikKc7K6tc50J91mfMkjgNN7a4Jv4BYH_FbBNTtDNzi59tjUj9UXo5Nzy-EsU-N_3JWIDR8QWEUXBw&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaAALaY4KaM8EAA5HaBA-3LGLBVhqYTcpzA&u=%7CUKt1300XUf6k%2BL44jS1uCLkHP45dmV7azRkKIUS7leQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2FeT-DQ8f6hYCLXxbRAsQQkXFNAtexRdGEEhufCpMWqN_hB3HDpSvT1uav1RsdIXOxSPHdaaBJcAyiDZmeS5lAceDpfSdDUVJQnlpRpBbJI0-2dfO5pXWTJkStzfzFXEMpiFj3FoLgHvj11NCqmN-gOZm7oWCAbk0uATz0AYdPxXri3W5AVvylyVfXyUhEkO9czK4j24-CkJNOa7HrVNTA652noXVjx_b9EShAbXOTdMZp6qRme-dfULQYsxqdlDe4Jd_rElr0luJICzJ5-KpT9Xq1MUvyPV7abBUUA7EzILINpj0sUmynKB4JxWh6j0ScNjYZjyBQ7YPD7o1Xo4cc3_GLhw27V5U9HZr0oMxmXy20dfl8mIkl4bzACPcub3Qi3v_Y_oy7n9DQh23KWaq7WfYyu2gehLg-AJ1rPhpNS9vR4Dn0dM0EkCKNlpTtb9-aj8OvxW_sH3qcLxJCVmwJC5SQvN-CZ_c7nzIaSh-oZNX0s3Qtz9xGBxo4KqrAzuuPIeZmf5UTjQXPPNS3rm6v4dRFm-qfDeaNHMZjsoG-4wxgMbBkKLEw5RMdtSnJDFqyMkICZXriaLU3_pBkYjFiN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-dr7aIf9Y47TLYSeowPojrn4D73U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgT1AU_QzB45TDr4wVysj5EsjiYLRo7GYZXwhUWCiYP6XUVcNkDzEIHBYPjlV8O1ohS1QEbVf0iQsZRdr28KnZWpxpORl1pOXK7ZPax5gv6hsf-1fxAtKo2MzP-CYmq0mXM02TSxmC0AGonr5TfbS8yEN1-59NjQRofLRRiMlFuMraKCEyRkKeRkuGKSjrYZaAwEv9mInIcW69K66oU0k3FO7MXEMOc00wlgGb7a9TXIo5MMoRW3l2zYcIgHAIYwblnlFyKpOWklRdFA7XoaFx7hIxF6efAf7X7SuNpdfQpzH3weGYwC5Qunp9fykRLu7XwPO4xgSnA24AQBgAain6y69qaCkmOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lqwHOGTT7Kz15vpq_nb3E8hj1Mw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
pagead2.googlesyndication.com/bg/ Frame 6836 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 09:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
156431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14401
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 09:20:27 GMT
6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
pagead2.googlesyndication.com/bg/ Frame AA63 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 09:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
156431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14401
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 09:20:27 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 325F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLS9BaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgToAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpk0foHA3LexfQF4qH9WVyYAr_mAmeGGoPhoyR_xLv3o_AXS6ft1sPgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTk2MDI1MTk1MDI2MTgyNjIY-t58&sigh=Uftn2-ZryOo&uach_m=[UACH]&cid=CAQSSwDUE5ym8wA9wBGkd7E1LFpY0G9ePYdfmEoslwmy5yriLtMiV9ytbN1gjLpeyV-vKbd2nI5SithN02n4yLW34AVpPhVkGJYbvmWxahgB
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 325F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMWDFdf-BqAB2ATgvNldAgAAADJCIdTnX8kaEGmH_WM6GcbR1KoN4BK4AAASAAAKDkFRVUJEUVlCRFFFQkRR&wp=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
198682
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 6E8B 		52 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e831a1355a7116d32a4492ef683bdbca34e8c92f86f8930f69766527ddb73196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 04:47:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=KgoFxkFj8ZQWIixjMM8tUK59WrQu9Q-pXYw7ilF6-TCnyfcKcbciBHHNBXguNNonDMgeH3A0nEe_h5uiVDUy99h4u_WOcuOaOEFHfEejnY9Q5nAx8tFjXZz7yJR6dPq4UrmhToLIraNTpn0wAmHeWixAdknIexAD0Eg1kWcHX_2bOZOIl1_DXRZhVhM9oq9SdtMwF-Evm_SkH0vs8W0OtOR50ez39fyYZLGecRRxgt-3Vzu4iqXTIagFAZXGGXVJSSug8g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2893075
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 325F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 23:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20772
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 23:01:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 325F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 20:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
28726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 20:48:52 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 325F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
477681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Feb 2024 16:06:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 325F 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 04:47:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63E9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bvms1aYf9Y_XeD5T-z7sPksCDuAcAAAAAOAHgBAI&bg=!ra6lrvrNAAZYlHKzeJQ7ADkAdvg8Wm6sgvrWdUJWMXM8GlvdUgxiri7J4DAj0caw_yKrvs94EpK2l2bRkC9MVyC_-80dNoRlFbACAAACEVIAAAACaAEHmQK2Pchyp-XYuwOkNgMf5fF-_79hoA6ICjyH15FSL10o3NN1_xl9A0su8W-kJRCHPvmxVM1FUKN3Q3lbiWjQnPE9WGE2t-eVXvNsDRxWig-TJbwdA0yXWz6dDcGqEf56E7LYeSwK_Xs5L51rM--1jXWPXSsCi2iIKtkvaXxw6T6UAEIzLW3Ks0l8raHoXgVZbdF74YlXui1QHW5VOdp56aSI9yVwqXbddxximwp4fqRYr1gIGBRXPijr6ahWpWpL9FtQlEtRZz9EivLBvcYOHn_f1sHlee4JnajjD8ctPvVR05CDt6VYCeGVwA7mgmCc4k-sCDjaFLKNmylBVHyQFimXCuUSiA97zKpoHZJFDO_5vjX9xdTdfeq697py4Y_YCCcQopYua-CL-7mtPY-rCdo4xPLxLMq7PQvFijuQjAUXrFjp5mazSp1MDWlHpG1ClFH9Isa7u71KNlPsm75js5G9nQm_f7wubZz53LqPCRlqZLVLcAmpaY2T4BsxAeExcBc-965zr3ngd4AYDQecUhyBEEK_XBU3NqkbmDfsITwk9nzY3TDAxVzZ55tEbgv7BsHFyVDRMgjS_IYeW5xWGOgAglds-oCZKysc_X9nFAjVyO7hqZ8Ttbmg74pdGsxpX-H5b30N3VQNWR6kM1TsDMJ6UZK9zg59CCR5sN_yNE-dmtOiwKq7v0L6wl8optjWEH1qaOFQJvlfuehdMedUiUfcpuIiQ-ygzr-_Yg3i2JvgeFmSzC6e3Z3pNlJszdRg38mj9vj2Kn6QCCAj-3TK1GJvI4i3CelofI_wXM30_oRHntFMaRc47ToQwleRXJpKqfXf_cJ1ANO8N3PVwHNytDfI1252dQakqsiG18PKT0MP8VbRWMeD0bxIhGbbXZMXQCuXbQN9y-mlei_3tmpIvaXD6NmoroUFwA
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cGFzdGVsaW5rLm5ldA==
tcheck.outbrainimg.com/tcheck/check/ Frame 2858 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/cGFzdGVsaW5rLm5ldA==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.189.202 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-189-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 04:47:38 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=40997
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
2d5560a0fb2a0281e119e4a98b7d3dba
Content-Length
15
Expires
Tue, 28 Feb 2023 16:10:55 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 2858 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.241.105 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 30 Mar 2023 04:47:38 GMT
date
Tue, 28 Feb 2023 04:47:38 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6E8B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6E8B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6E8B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Feb 2024 04:47:38 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6E8B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Feb 2024 04:47:38 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 6E8B 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=bEOIlvU5I_HO4HMHAKAk4YGfPFWZVJSbKs8YkUf5H-Wj_WF0s9qLYHuHSr7tTCbN6geL0QHbtxlVAfpnJ1NT_ydY5aYCyLEWNqltYhH5aegoXjwPV9YnSX891lvv7zEnGEPVXTANrJ-3Wd318p2ZSg7yunOnml-Wuum8jTp7WoBNZtZD4fufXnhNbma6sozGA1SQv5v6ImmIKylSv1Ed5Lkfq84tnOdsAB-nSRb_LsRdd-GrNGl1yu8TJE_EPa4LzgbYl_Y-QccJHTN82tNr-xGrXA4zRIjmroevhKVthtHyqowLroopsVvWJ-zUZxbBb-Ye1g29aBTjwidCMzKInUBsYKKvoklXEo8Hz9ikRBIy5qifzHfr8ehBJNeLExbvbGM7Z_I6GhmnvPgeoP6DzyDpQJy4gAYfG1NYeZ4g9y9kwjvy
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2677120
expires
Mon, 26 Jul 1997 05:00:00 GMT
f4bb061d58454dfeac6cba0612b0dc8a_image_ad_160x600.gif
static.criteo.net/design/dt/81802/230220/ Frame 6E8B 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/81802/230220/f4bb061d58454dfeac6cba0612b0dc8a_image_ad_160x600.gif
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90d86acebfdd00dc757ea4b78f92667172bc871ade3175c4dde4dd3ad69a7781
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 20 Feb 2023 17:59:52 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63f3b518-b2d4"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
45780
expires
Fri, 23 Feb 2024 04:47:38 GMT
truncated
/ Frame 325F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
024e07eb0a3f53098a85d87d5df3003465e427a8060c310a6fa2d69cff63f23d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
yv
beap-bc.yahoo.com/ Frame 855D 		43 B
768 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=8637481164250994112:1677559655847&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=Np8rupzJHmYdzmuwtwqRjcslmSBDXpRzy3ScePhdKV1HmkPhO4c3aHkfnVPNe2i4LE5KJZgM3v0WrHMZe4ULS00rM7zJlmrqYbggMxdhPNPd2yeceu97PkX2GcwFPk8GYIDvzo_z5l2ULcmPiHj-oOGxZ0xZ_fha63JYKCd-e5w4GZu0ZPpUipLRgidnOd5dQCSYMr6hKJatw4QkJbcGHnGl9x74lX8DvAJ06dlMpZ49LjW5ImtnKC7vCVY9emG4BDCw_yTthst3KoJNHsYyV_rdZFTX5z9YVFbgbJEc35A&iv=100&v=1&m=2&r=1677559658446&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 2858 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5lX43qzBqMaXmxGc5M9bFdqBW-hAIlKL5arVXODW8kQ3Zr6o84kxYqQqe3Wcg_PehR46JUXFDtZGqPR26i0f_30OaqnL-owIQgA1u-CeTacrkOleS-y_ZiFU-89la9uq4ANXMFAiFASkONJft0l8E5b5lVZLEjzCbgHUnvRTlWfKu9IgCHQt1jsDwdG4dOvR6eHSz4mM5XQDB_Ja-_9vO4dlv5EFuo6LD8tHYBIgsNih3xRgXm0uEzdp-oQMLk9NZxnHmV9qOJMAT9GxUsLZv3p8Ku_bGO_lvJlZGNb-ITv8jeq6GIrZAjTMl-1v9Phk7bqLIHOq6GtWsvhAugMEQ&sai=AMfl-YRrZfdwsDGoTYBwRR3T_-4rMYYnWlJozrFvm42B2EZaTohjT5lVfBOlvvLeuBIQOgemcCM460T_LT2nukHqh-nSK1szukSA6T9bhd4RMYv7IJyq4dwEWGy7iOPhhX-lgDAsl5nStSui4L1URGU&sig=Cg0ArKJSzFsjpqrmAJieEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 04:47:38 GMT
all
csm.as.criteo.net/ Frame 6E8B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=KgoFxkFj8ZQWIixjMM8tUK59WrQu9Q-pXYw7ilF6-TCnyfcKcbciBHHNBXguNNonDMgeH3A0nEe_h5uiVDUy99h4u_WOcuOaOEFHfEejnY9Q5nAx8tFjXZz7yJR6dPq4UrmhToLIraNTpn0wAmHeWixAdknIexAD0Eg1kWcHX_2bOZOIl1_DXRZhVhM9oq9SdtMwF-Evm_SkH0vs8W0OtOR50ez39fyYZLGecRRxgt-3Vzu4iqXTIagFAZXGGXVJSSug8g&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame 6E8B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 04:47:38 GMT
placement_invocation
rock.defybrick.com/ Frame 2858 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21e1:4200:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 01:42:43 GMT
content-encoding
gzip
via
1.1 a43db2746d5ea9543e11897b6654f9b6.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
HKG62-C1
age
11094
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
OyEPhOhDmoMd52gYGIaHi8sV3u8n8XoqmdeHIIeSmVJbsoDQx3lN6A==
expires
Tue, 28 Feb 2023 13:42:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6836 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6a1HaYf9Y5z8KMLFmsMPl9mqwA0AAAAAOAHgBAI&bg=!kpGlkcXNAAZYlHKzeJQ7ADkAdvg8WmDNoU6WaR1dkATYJxg7ZIZKi6Faha-qKnvF6YJZNsnHjMgq8FrJBNZKCD988V1hxVxQcr8CAAAA6FIAAAAEaAEHCgBtlfPzT9psSJLeu1UXWOaYPqm1JezRu4lgDgB_BCn-ePIARyFWesZNzVOGS6ueVIckSV7aGiaTJhCid-hU2f4GBimqx3a3Bb5dHy79jaULe9JqmMwIaovvSppA8TPIY0hjrvPKF4MHh7Hc2x9-L5kCtOVnG6Fa2aJAkXHU231D0MKF96x3oO8ix0QKe_uoLw7l7oMlE0VFS0hOa5iCFvRpeq5T4kHdBKAn4LhrZoaB1YRurmuKB61EEcpSaeMrLFSBFgIj4YpYuK9jhgYWRkoH6iTFzYSJJig-GsrOiq5qa6WG5jo3xif6V6j1lucza1b-VIIZR1TdEG-sy16afLI8O4pdbXxIsXAtYHqT0zL7AnjEcRmP5yjdKxDOP-BkHEW_zmlz1dp1LJVFAY593JPO_j2JFRv5noJv5QxUi4QyNCXM2QzJUztMxy9xMkB_VXuXhhJwy_SwEYdLvr83i7D2HxFgyN6fZbT0p2WFBtZakzpgVuYzARsvMF_v98eLN3k20augyNosnvktxV_JR_cy49-gjfwb6CqsKZjIXmMJSdtL2D4fkmmYHFsW08jN6A_RUwLrxjeCEYneNbzwgzVRiuqxca81cD4U9EtwxHKhFYOKSww7AlXNWE4S2-xA-ZRncXhCP8vDriSEn2sgT1RBCeNuUsoibOjebGs6ipBD-Lwal4qqKwdvnWxVzw3GtDGhGGh4D2IjE1MKk3fjaceCijDFMQW-o-xK92HCeSq-r3iBzHebL0R_M0TpEObUcp48P2yDXBAg0lPU7nsZcdHNjM9J0iwjKvr1j-6n7tYQZ3LlIrtkaRJgNz9Ba88F9WjdP9yM2Jit75ojCRpH6iQJK3wECtTpnEi8KFlAE6exJxvGLc56kPlAEWz-UA8uVxV1fx9jVKotAZVg0fczrr0g_LJcDDY5AeYj9L-mCkDCAMCZN1-yBP4S8gFQOCsOdc4p8IJIyqpSvrpMBhRsAIB8bDkkobrLFzGb1tRr8Box2bkxCOB2iL6LE3824NTja3I63bjQ1czoUoJqKnGl7WtyCZBB7qDPzB64GHhgauk8NsyhfEHk
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA63 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBGBqaYf9Y6CUKb7S4t4P2MyM0AYAAAAAOAHgBAI&bg=!WFulWw_NAAZYlHKzeJQ7ADkAdvg8Ws2WdlzyBg89-kh1cty6-sEdaMU_D5krj4daFDZ-m4SBQLZ639Yt6Yw4Hdwx0BlFeiuxlhMCAAAA3VIAAAADaAEHCgDC_iRKTYVsB_FUlAHsQUEwf3ctCfPeAo8s3yBrRITg_QOIlgF9IEUJW4SrC_Tlw8Kx-pODpuPVlrVqxenA9akNLrp_hNAZWygF_W6ljeBHsyFv6gaJFJprw7c5EDg6HBy7Ok5Qlg0qlws6-vOUX7FwieXDfjzOXCPn0AT6QrzbToulf8kI5iG6wUeJGh_FtWlHk0W2wucSf1X6Y2_l9neQ_pP95HaVt6obCPHKTR-g60Ii-xmLksarZ7ODOxlGjQp7iSOZArScHkOOCEIRlF4jzR2F7ZANQbVGEU0uvYeLd4XNpPgDRPsP5z8cScSmEpF34nVy0EzDDcmp8SCAyP9sPDfpi7hTpwdXZ10rwjcho0Ujw51oTFkfIMlRfXdbG0H8zogtkUR2dc0LxmcUAXEHgQB5I-2nYcOp24Amd6WVvK0QSpM4rGb8lfteoYm04I_Pq_rM7i8RKhMlsSYnUFpIx6m7sxDh_MjCyB3zceRi7TqpPxvFvLqCuiO_HaFJeMmrAgp8zLChe5G-qS3kMMfdKAhHQIngP2J0c_LGAj4_ObJI4GStqpTra_8kPeuDwFyufM6RVWVGc3An1DsGug_Jtrfc-9dPNWjefje1Ew0SQzYXFyRhrs1sF2yYIsk_mwajq5VMznBXDnucy3CAtWgjpgmW0wapaN7y56hamqJoAyh5huoyxJJYssqPmr0Vsgruo93hryA_CZXcVyZVC5FslBErzKrRD6HvBDOX5Tl1SMs5bvHbmyg4C8lG7gc9oP8MXdfvg_M5lkmIZ0nRzFf1AlnAuOkQ6wzyOMUp9nnM8Cb0nQnaqA36U94KffwqUo1w4LfsKWKAEoF1xIhVJGRgMDaklnS_Vzy0KPfOBpabKSDblDxBaVq1TDI7_vvjCKkNmQOuuGlbapfBC-gn4SN5zxUADb1FXn-RjNVijy4CRVNHhZU9EB0DxYBPSTIzJsb85bWJiwIjlEu8qbOQx_BymdQoSiqErNUwalWBzIL9CTgEUTVwzCFdSoyLO7h_sPIon_jtfO2TeRIT5W9st49Amyaztw-kETeF7C8o2-s-xOJecrYWKsJLDE6CAHmi9czzZOSHgwNfIvvEQcCH8e-0bnFx9eVT2cIlkBLv8_taH88YHQeeSwbMykX46St4BzDjxUApy_3cM_1XU89c9M5D9CZo4tNJpuOCGg
Requested by
Host: pastelink.net
URL: https://pastelink.net/o3zyl3g7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 855D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDFhxfpy00Q2t2norUpbE2L_b1PwYJcVZgs3nSpL_Ja4awPNa_yo6-s-tq8yhd1X5BwynMobBEvyiOi3SY_12lQkG5-IgB&sig=Cg0ArKJSzDPMaCvO9TRdEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230227&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=635666931&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677559657100&rpt=498&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 855D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPWiQRJL-yEU-9CZPXr6FXymrIBUVW6XWKP1zIs9HbRxKHYYW4_dTgGli324qTPMo-zHhMZke5WQ4D4OC8URWDnEE27o1JVmYTEmyZnjT0s0rW7OIr&sig=Cg0ArKJSzF7RD8yY7o-REAE&id=lidar2&mcvt=1003&p=313,310,567,610&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20230227&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2603746535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677559657100&rpt=494&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_pla
flint.defybrick.com/ Frame 2858 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=23205110827927726201151821167816832681358009682477081208501892621215&nc=0&tsf=0&tsfmi=&pv=0&cb=1677559658714&ref=&pit=1&hl=2&op=0&fs=300x250&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDkyMzRdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6OCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjMyMDI4%0D%0AODQzODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjgsZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhK%0D%0ATDg2TDIzQUNHVWhCSXdJU1NFRUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4%0D%0ANzB1eHFGeCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCIsXCJkZXNjcmlwdGlvblwiLFwib2c6%0D%0AZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4y%0D%0AfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTks%0D%0AIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAw%0D%0ALDMwMCwyNTAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxNTczNjczMDIyLjE2Nzc1NTk2%0D%0ANTUiXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJd%0D%0ALFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6Mjk0MDAwMDAsXCJ1amhzXCI6MTgyMDAwMDAsXCJq%0D%0AaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjQsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJl%0D%0Abi1VUyxlbiJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwy%0D%0ALDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywi%0D%0ALSJdLFstMzQsIi0iXSxbLTM1LCJbMTY3NzU1OTY1ODY5MCwwXSJdLFstMzYsIltcIjQvM1wiLFwi%0D%0ANC8zXCJdIl0sWy0zNywiLTEwOS02Ni03MC0iXSxbLTM4LCJjLC0xLC0xLC0xNjc3NTU5NjU4MDQx%0D%0ALDAsMCwwLDAsMCwxNjc3NTU5NjU4MDQ2LDAsMCwyMzQuNCwyMzQuNCw2NTEsNjUyIl0sWy0zOSwi%0D%0AW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxu%0D%0AdWxsLHRydWUsOCxmYWxzZSxudWxsLDNdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcy%0D%0ANDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAs%0D%0ANSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVn%0D%0Ab3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsNjRdXQ%3D%3D&tsfu=&fst=1600x1200&dep=1&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A300%2C%22h%22%3A0%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22x%22%3A512%2C%22y%22%3A2838%2C%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=N1iZwLwag1&sdd=%7B%7D&pto=677&ao=https%3A%2F%2Fpastelink.net&aol=1
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
746a537339fc5045e13cfd4ea61bfb967cfc00d9c7ca7eda89fb50ef8a54d7c1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
3077
expires
Fri, 01 Jan 1990 00:00:00 GMT
yv
beap-bc.yahoo.com/ Frame 2D0B 		43 B
78 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=2523659764204880234:1677559655851&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=-snswgn6hBrwSgDsusAOCai6dCR-VsR1Fl3M2_P-Sb1BmfNpKLo8DyRPRum7YFB_RCsF0DWWBj3yWSSRCif9bIhriW3ihpYEyX5O-z8P38y08d9HrBdofPvvZh2oz5zO7_PoKdR-nYocYeqaUwWeozPmNepfjZoXPiBD0LtvIylckFzwJt1JsUmXQEqXNEmeotRFQuZ-OoXgL3yJytdJVdWuFyNb6RJxoMgdifRzUkGg47TY6RINl1jLFuzyjjT9eGeqI7nazyXQuY-AkkYnVapSKR3cwOZui3AjosxHm_I&iv=100&v=1&m=2&r=1677559658919&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D0B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQlHzO5Pww9VL8aJRHbRKT3Mlf5t6Wdi_mUclmGdpGB_TLRLFdJj7YBPHXHN7dLDcx0sT3QaKx4AvtTGp03iok6C42ct-O&sig=Cg0ArKJSzAnWLfJujRAFEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230227&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=635666931&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677559657285&rpt=678&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D0B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTXUTUZ_ND5eWHRUXITlddCFdpdW-ZAGZAvVj33nNXJhXYvfzBGPaGl2hpKQhcm0SifVM9t4kYTcqgHG_QHTZFpZI4BNEzxSLKlQxhUPkyASQ1Akwk&sig=Cg0ArKJSzMB4maBtJsrjEAE&id=lidar2&mcvt=1001&p=812,513,1066,813&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20230227&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=245733266&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677559657285&rpt=675&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame 2858 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1677559658988&sessionId=f02b76ef-ff6e-4649-b458-2b3f08fe4421&url=pastelink.net&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:39 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
8d484b030949fd88224330100d3369ee
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ Frame 2858 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&idx=0&rand=12642&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&adblck=false&abwl=false&clid=f02b76ef-ff6e-4649-b458-2b3f08fe4421&fdu=pastelink.net&px=0&py=0&vpd=0&cw=300&activeTab=true&ab=0&wl=0&settings=true&recs=true&version=2010194&sig=oXwSNKqJ&apv=false&&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7&ogn=https%3A%2F%2Fpastelink.net%2Fo3zyl3g7
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.46.132 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
97a855ebf67e1d2a8f41f220f6afbb02ce6f00d6f8c59c9c341a3da83acb4cbf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 28 Feb 2023 04:47:39 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
SADC1, SJC, QPG, APAC1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
cf9824350e2d400bba6ddd2fef841899
content-length
2061
x-served-by
cache-sjc10072-SJC, cache-qpg1244-QPG
pragma
no-cache
x-timer
S1677559659.100572,VS0,VE220
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 2A05 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=176b62de-65b5-446e-84cc-4e18121a1a1f
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.241.105 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
686
content-type
text/html
date
Tue, 28 Feb 2023 04:47:39 GMT
etag
"1e015194a0e596827cb8971f884eb43c:1677492923.683462"
expires
Tue, 07 Mar 2023 04:47:39 GMT
last-modified
Mon, 27 Feb 2023 09:35:56 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 4D7B 		416 B
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.241.105 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
416
content-type
text/html
date
Tue, 28 Feb 2023 04:47:39 GMT
etag
"c0311cf15c21ddda054005e92fad3f9e:1677492920.885047"
expires
Tue, 07 Mar 2023 04:47:39 GMT
last-modified
Mon, 27 Feb 2023 09:35:56 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 2858 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=b93a823b5bcbee5557575affe54713f0&pvId=b93a823b5bcbee5557575affe54713f0&sid=8304254&pid=113125&idx=0&wId=100&pad=0&org=0&tm=999&eT=0&widgetWidth=300&widgetHeight=0&widgetX=0&widgetY=0&wRV=2010194&pVis=0&lsd=176b62de-65b5-446e-84cc-4e18121a1a1f&eIdx=&cheq=2&rtt=334&oo=false&lo=256&odbreq=949&odbres=1283&cet=4g&to=1677559658041&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:39 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
ca9310b03d0d2b3940d2d649e5b4252a
Content-Length
4
Expires
0
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 479A 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.241.105 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9a989106fc47c155cd266905e8ed02b593b6f617a4fcb034a5c36eb15514beff

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
6020
content-type
text/html
date
Tue, 28 Feb 2023 04:47:39 GMT
etag
"4ae5cc90d64a24f34b8cd677a2a407e7:1677400048.661814"
expires
Tue, 07 Mar 2023 04:47:39 GMT
last-modified
Sun, 26 Feb 2023 08:19:54 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 4D7B 		610 B
946 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.241.105 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
610
content-type
text/html
date
Tue, 28 Feb 2023 04:47:39 GMT
etag
"48053d50141031b1511dbd30f9a31288:1677492921.656458"
expires
Tue, 07 Mar 2023 04:47:39 GMT
last-modified
Mon, 27 Feb 2023 09:35:56 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
ddp
pippio.com/api/sync/ Frame 479A
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQGFrN2ZSODlkaFh0YzdMS0lpeURaQ0xYNHVSVW91ellGNUU3Z2YyZkFUVEhEU01YeFJUWVdoSmhGdG1jZUFkNE4QABoNCOuO9p8GEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0e24e4ec0f6f37114e0b4519acd0939857a974830ee8035af7c1a82ad4d3a763791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwZTI0ZTRlYzBmNmYzNzExNGUwYjQ1MTlhY2QwOTM5ODU3YTk3NDgzMGVlODAzNWFmN2MxYTgyYWQ0ZDNhNzYzNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwZTI0ZTRlYzBmNmYzNzExNGUwYjQ1MTlhY2QwOTM5ODU3YTk3NDgzMGVlODAzNWFmN2MxYTgyYWQ0ZDNhNzYzNzkxNDI2YjU0MTdkY2UyMRAAGgwI6472nwYSBAgCEABCAEoA&goog...
0
0
/
b1sync.zemanta.com/usersync/outbrain/ Frame 479A 		0
0
cookie-sync
sync.outbrain.com/ Frame 479A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7998148270748583470&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
0
0
demconf.jpg
dpm.demdex.net/ Frame 479A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_pd=1&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
13.250.187.106 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v043-0fa4601c8.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
AXLC9+BjR0Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-apse-1-v043-0b35213b9.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
h91rdbuSSHw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame 479A 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.18.115 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 04:47:39 GMT
Cache-Control
private, max-age=3000
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-sync
sync.outbrain.com/ Frame 479A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
66.225.223.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 04:47:40 GMT
Cache-Control
no-cache
X-TraceId
b529302ee8620f7083e0112a0c5d0fca
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
usermatch.gif
beacon.krxd.net/ Frame 479A 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.201.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n005-pdx-prod.krxd.net
date
Tue, 28 Feb 2023 04:47:39 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1677559659
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame 479A 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.100 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
via
1.1 acfb1cd944f7bc93838f5d68a454df62.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
HKG62-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
QxLgyB-JBO-5dhnYrUORtg8XPxGrxTreKDkt0QidZ2ICUDqzADoGHg==
expires
0
sync
rtb.mfadsrvr.com/ul_cb/ Frame 479A
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
0
0
cookie-sync
sync.outbrain.com/ Frame 479A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Doutb...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=b1513c181bab46b7ad1130098277c525&ssp=outbrain&bsw_param=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&consent=&gdpr_pd=1&expires=7
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=
0
0
usersync.aspx
dis.criteo.com/dis/ Frame 479A 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26uid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
312575
expires
Tue, 28 Feb 2023 00:00:00 GMT
bswsync
crb.kargo.com/api/v1/ Frame 479A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPnHN6Yx5peaQ2ucuFLMlUw&google_cver=1
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=e119dc05-085a-4847-8297-b3a8107c30a2&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
0
0
cookie-sync
sync.outbrain.com/ Frame 479A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7205063872508131479&gdpr=0&gdpr_consent=
0
0
match
ps.eyeota.net/ Frame 479A
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnZjUzZnUDF6MGttN1pMVW9yWHpSZmZMRHQ5Y2lmdUt6TXhfQnczM1JPV3c&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=1mpn7m0&google_gid=CAESEFdrshrplJTc6_0sWFScc3I&google_cver=1
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
  • https://ps.eyeota.net/match?uid=7998148270748583470&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=1mpn7m0&
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=0HbQZVuT1PwRTR5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=1mpn7m0&
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=4&dc_mr=5&dc_orig=1mpn7m0&
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2880075393854299393&newuser=1&dc_rc=4&dc_mr=5&dc_orig=1mpn7m0&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&bid=1e2n4ou
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
18.141.109.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 28 Feb 2023 04:47:40 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=8617581c-fe7a-45a1-88ea-d9c42be8be2e&bid=1e2n4ou
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
191
ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
id.geistm.com/m/OB/ Frame 479A 		0
0
cookie-sync
sync.outbrain.com/ Frame 479A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=e9IEjN0e608AkFlPRvOk&pi=outbrain&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
0
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 479A 		0
0
tpid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 479A 		49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.34.179 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.12.183
content-length
49
expires
0
adsct
analytics.twitter.com/i/ Frame 479A
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&xl8blockcheck=1
  • https://analytics.twitter.com/i/adsct?p_user_id=026502c72fcae0acb1aaae729eed0231&p_id=28539
0
0
cookie-sync
sync.outbrain.com/ Frame 479A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHD...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
0
0
pubmatic
um.simpli.fi/ Frame 479A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEFZ0OL3bTePz0Udc5QlY-ZI&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
34.124.209.251 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 27 Feb 2023 04:47:39 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT
date
Tue, 28 Feb 2023 04:47:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
217
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 479A
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&uid=64e31ff1-2d5c-452c-b8b1-13...
0
0
occ
ups.analytics.yahoo.com/ups/58523/ Frame 479A 		0
0
um
cs.emxdgt.com/ Frame 479A 		0
0
server_match
ice.360yield.com/ Frame 479A 		0
0
/
s.ad.smaato.net/c/ Frame 479A 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 479A 		0
0
c.gif
c.bing.com/ Frame 479A 		42 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
last-modified
Fri, 17 Feb 2023 00:56:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 66DA3E57DD73451FA08A5B9F73ABC12E Ref B: SIN30EDGE0505 Ref C: 2023-02-28T04:47:39Z
etag
"625d0a86a42d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
services
sync.technoratimedia.com/ Frame 479A 		0
0
711945.gif
id.rlcdn.com/ Frame 479A 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 479A 		0
0
cookie-sync
sync.outbrain.com/ Frame 479A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&uid=oKwwtK6oYOm7pzO1pqd7taarb-K7-mDlo_4LcD9O
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&uid=oKwwtK6oYOm7pzO1pqd7taarb-K7-mDlo_4LcD9O
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
66.225.223.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 04:47:40 GMT
Cache-Control
no-cache
X-TraceId
8df58e9af57be660c1cf2151ad0b5b73
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&uid=oKwwtK6oYOm7pzO1pqd7taarb-K7-mDlo_4LcD9O
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 479A 		0
0
outbrain
trace.mediago.io/cs/ Frame 479A 		0
0
9.gif
id5-sync.com/s/164/ Frame 479A 		0
0
sync
t.adx.opera.com/pub/ Frame 479A 		0
0
m.js
cheqzone.b-cdn.net/ Frame 2858 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheqzone.b-cdn.net/m.js?v=30
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1500::868:1 -, , ASN (),
Reverse DNS
Software
BunnyCDN-SG1-868 /
Resource Hash
b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:39 GMT
content-encoding
br
cdn-edgestorageid
868
cdn-storageserver
DE-167
cdn-cachedat
01/22/2023 00:25:34
cdn-pullzone
47782
last-modified
Sun, 01 Mar 2020 11:55:08 GMT
server
BunnyCDN-SG1-868
cdn-fileserver
56
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"5e5ba29c-2970"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control
public, max-age=43200
cdn-requestid
0fd649ce222f84f05c27b0ac26c37dd0
cdn-requestcountrycode
SG
cdn-status
200
cdn-requestpullsuccess
True
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame 2858 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1677559659450&sessionId=f02b76ef-ff6e-4649-b458-2b3f08fe4421&url=pastelink.net&cheqSource=1&cheqEvent=2&responseTime=963
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:39 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
590f3861419ac58b1165b8a2c5691131
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ Frame 2858 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136de9c230e3418f949225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65632f478afeed6e3471ebd49debd39e820d861c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d2779186bdfbdebde61e22f72db4bda9215061bfda6698e616e111470983585fd0d5c38681eb923bce6a88de93a349cd5c5513a2377ac493c71e7382e920a807b7c41ac271f479431103cf66bf57d8c6fa2aefd5638752a798ccd527d619566eec48135d7545778ba064a208d99d9f3fabcf60a8d0629a84eebe25dcfea74f617d99e4520483e6471a12faacba0da72687eb5ee8fc2db07abc32965ac809d4ad39db0721e4af8e7b3c39641f37085a17b6fc8a6cd06fab571d5123ead738cd840a5eecb2dea6ae2993ffeef89aeaeca4090969b934d9f3072ada1d3209dd271f3439ea69ec360bc8eb8c&cb=1677559659449&cri=N1iZwLwag1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 325F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvk6pxDiAf3mvOM11l0udwkNy2C-VZwPWzESQLok0T2RvXaom8vwP-4FJe1_g9hKko0yQq42ASEi5XOkeU7YpYkURc&sig=Cg0ArKJSzKhAcgQHbXmtEAE&id=lidar2&mcvt=1009&p=521,1071,1121,1231&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3854452215&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677559658209&rpt=220&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 6E8B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=KgoFxkFj8ZQWIixjMM8tUK59WrQu9Q-pXYw7ilF6-TCnyfcKcbciBHHNBXguNNonDMgeH3A0nEe_h5uiVDUy99h4u_WOcuOaOEFHfEejnY9Q5nAx8tFjXZz7yJR6dPq4UrmhToLIraNTpn0wAmHeWixAdknIexAD0Eg1kWcHX_2bOZOIl1_DXRZhVhM9oq9SdtMwF-Evm_SkH0vs8W0OtOR50ez39fyYZLGecRRxgt-3Vzu4iqXTIagFAZXGGXVJSSug8g&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_2HaQAO_ZUKaOkGAAGkaV4jMFizxAMdo8COmA&u=%7C6FcdCPACiwMbFixTyOVCArDnBg3VTiuGCbKgwxakNSg%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHFVqzVo_Eqe-eoQewzSOrrC24WLdcTehYhuzs-jGO9Ot3KO6NhQEI1OUgJZ8KNcvd7kUVqMbFKiKheImZ_xGe-pmAgzAwRONZOpeSTxvnm9rVwEWjajZo24ImpumRsrmUdORKcUhn1GcyHgog844tM4gBWaZdEoC350bdP_h6SfE_DjQ244pii5zQWhGOy8veHKkFOf02ABL32PtviryzFaL-zc9ITXGXFB8m7adt2sFJom3IPEGRFLh0q2ehF9_qP_UNuWQWK4p3NLM3cB3-Ioi_ivyIvvzNhOQvYOswZr7VoOI0kZfrQmFwLiXxv17kzykE5Q53-asyA5XqdUJUe501g08JILIL12MJGbQecBztGv6qKiTCOfSMIoGreegdk1NmMfviW9D5-wzkBw1s4IFtWWkC3fYmwG6wTHLTWrSEDnLLVhr3elGtUJuQP2G3AO6bO5SywEJEUJSwP_ITtVh_-_dezwIu2xnQcmY5pjyuSPunUMHug2V_akzb0is9upyRbWa3LbvHGL-OqgxyxrEzQVuA2iwI10VNwLEHMqKFNbpa5uu3Dx5ARW_IHjmpE0i2Gw9ypOpjWHqNlWu6mUnvHyPgSZhd6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZccPaYf9Y5X7O4bSowPpyIa4Ab3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJ4AIAqAMBqgTrAU_Q_eqpCbdzc3NfNiK6LZURdxCkta5GKRzhVspvyGnpeGZvnw38wWQksPxzfOkkUJ0NgThWJfeBzhopuqQ8u6zsQsbjT30xjtZ1VYM8mmVJteFUOTByh13o9d_yM3FMbUrn8gOeO-wpd0QZr99wCcPACHhM8JRq73olCSVtAjKAmYU6cPMuyIuLyUKGmF3MvjlV6GPQSRlePRhulowyKuA4hSkH0gmB66syXxeU2KJHQFCirVR2IRsOEfTl19GsdUpkk_gmkfMVaJr_T9xMiXMt-vXxCJKPNJtxBOxQcUlIvdwPyElYuDmS9HbgBAGABqKfrLr2poKSY6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BzqZIosiaUFdiSiQsPqkJlBbrjQ%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
get
idrs.adtelligent.com/ Frame 		0
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Feb 2023 04:47:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
265377
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
get
idrs.adtelligent.com/ 		0
0
/
id.a-mx.com/sync/ 		131 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://pastelink.net/o3zyl3g7&v=7.35.0&vg=advpbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9a47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a02019cb9cade35408f7d3cfec607b1a24b753fad5c053de28a7c309b3e697e2

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 04:47:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwxNertc4%2FQ8bZJ1PWMZVU0e5SPSHL6WqkIalZVisoY%2BhANcGUjyrtfdsnZX7E5YYweD0qJhqLc%2FrqnpWhiH8dDAJPVKE2QN1TdoNbovZ28CoDkp1kCi%2F2emOguZeqxTJ6MdYp0lwx2jwA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-type
application/json
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
7a068600f9154943-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=yIleLXxHQTFhK1IxUkVud1NNTE5seHh6cklwRmE0eG44RWxMYVJoYnRLVko3ditSaEJoQ1htaE4wQ1ljSTBMdTMvVXdpQmU1UytNT0NSMXNQUVowdVBuWWFlYUhiRWxNZzk0WjFaNnU4ekhsVjBPWjlnbDMzSmJ0cTBXV3...
362 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yIleLXxHQTFhK1IxUkVud1NNTE5seHh6cklwRmE0eG44RWxMYVJoYnRLVko3ditSaEJoQ1htaE4wQ1ljSTBMdTMvVXdpQmU1UytNT0NSMXNQUVowdVBuWWFlYUhiRWxNZzk0WjFaNnU4ekhsVjBPWjlnbDMzSmJ0cTBXV3hEak4zdU9SRGNMZlhzZDFMY3FOMlFtQzA4bnUwWVIvME5Lb0g4RXBZQnkwbEdXRXY5TzRtR1FXR25aaTZPOGJoV21tRHV6blRTdTF0b2FobFlJcS9wZlR4Y0xjTEtYZjIrZkxZSEUrV0ZpVm12Y2JBNnB3PXw&cppv=2
Protocol
H2
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
9c5511e8a28cc28738945dc57b00c9a659bb926f970e89bfa1e287178e305a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1501652
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=yIleLXxHQTFhK1IxUkVud1NNTE5seHh6cklwRmE0eG44RWxMYVJoYnRLVko3ditSaEJoQ1htaE4wQ1ljSTBMdTMvVXdpQmU1UytNT0NSMXNQUVowdVBuWWFlYUhiRWxNZzk0WjFaNnU4ekhsVjBPWjlnbDMzSmJ0cTBXV3hEak4zdU9SRGNMZlhzZDFMY3FOMlFtQzA4bnUwWVIvME5Lb0g4RXBZQnkwbEdXRXY5TzRtR1FXR25aaTZPOGJoV21tRHV6blRTdTF0b2FobFlJcS9wZlR4Y0xjTEtYZjIrZkxZSEUrV0ZpVm12Y2JBNnB3PXw&cppv=2
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
683774
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame DC95 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.199 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 28 Feb 2023 04:47:39 GMT
ETag
"623de86a-cf34"
Expires
Wed, 01 Mar 2023 04:47:41 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 608D 		604 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
bc3bf758c71142120a4978067618f7361107499f07a06650cb958ad7a0283a3d

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
604
content-type
text/html
sync-all.html
adxbid.info/ Frame A584 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5dd2 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e5483b471efb54b215576c0695bcce703c62385a7e78c268e058d7fe43a94fbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a068600f9526ba5-SIN
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 04:47:39 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7fS0D3MWURl9mhU0dpyCAFibYxC0vbILuUsYDLyc51rAzrG76rSemLOZPoOWyIIkyyuzbIl%2BBOhh34TAImaZYGjXQMsq4i95NSpo1yZbQm5LIeY83PpSgXwqVajTXzdzFMen2ikl5u21w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
checksync.php
contextual.media.net/ Frame EDBE 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
55d75e04bc4d5b97ba3a087f671080b48ac59a8d4e63dbc53dd2483abd143e70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11526
content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 04:47:39 GMT
expires
Thu, 02 Mar 2023 04:47:39 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7998148270748583470
0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7998148270748583470
Protocol
H2
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Date
Tue, 28 Feb 2023 04:47:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
40bcce42-5591-4fba-9d13-b2a3ebaef45a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7998148270748583470
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
9.gif
id5-sync.com/s/441/ 		0
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Ax5WEXZE2pmEk859p1.aMGJmRf1qKnvJF8vaqw--~A&expires=5&ssp=vidoomy
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e119dc05-085a-4847-8297-b3a8107c30a2
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e119dc05-085a-4847-8297-b3a8107c30a2
Protocol
H2
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:39 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e119dc05-085a-4847-8297-b3a8107c30a2
Date
Tue, 28 Feb 2023 04:47:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
0
0
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-7NSKkltE2uHr0SU0ke3vx0Pc2xV1C_dzPV4SwjI-~A&gdpr=0
0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-7NSKkltE2uHr0SU0ke3vx0Pc2xV1C_dzPV4SwjI-~A&gdpr=0
Protocol
H2
Server
18.159.227.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-227-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-7NSKkltE2uHr0SU0ke3vx0Pc2xV1C_dzPV4SwjI-~A&gdpr=0
date
Tue, 28 Feb 2023 04:47:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ 		0
0
sync
pool.admedo.com/ul_cb/ Frame 608D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=e119dc05-085a-4847-8297-b3a8107c30a2
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=e119dc05-085a-4847-8297-b3a8107c30a2
0
0
btw
sync.dmp.otm-r.com/match/ Frame 608D 		0
0
btw
px.adhigh.net/p/cm/ Frame 608D 		0
0
match
ads.betweendigital.com/ Frame 608D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS03TlNLa2x0RTJ1SHIwU1Uwa2UzdngwUGMyeFYxQ19kelBWNFN3akktfkE%3D&gdpr=0
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS03TlNLa2x0RTJ1SHIwU1Uwa2UzdngwUGMyeFYxQ19kelBWNFN3akktfkE%3D&gdpr=0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS03TlNLa2x0RTJ1SHIwU1Uwa2UzdngwUGMyeFYxQ19kelBWNFN3akktfkE%3D&gdpr=0
date
Tue, 28 Feb 2023 04:47:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bidder_18.html
cache.betweendigital.com/code/ Frame DBB5 		0
0
sync
gum.criteo.com/ Frame EDBE 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
500533
expires
60
usync.html
eus.rubiconproject.com/ Frame 3D69
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Feb 2023 04:47:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 28 Feb 2023 04:47:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cm
p.rfihub.com/ Frame FA89 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BEC6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166390
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 28 Feb 2023 04:47:39 GMT
expires
Thu, 02 Mar 2023 03:00:49 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us
sync.go.sonobi.com/ Frame EDBE 		0
0
cksync.html
contextual.media.net/ Frame EDBE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3205612588092160...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3205612588092160000V10&type=opx&refUrl=&vid=75596597793205612588092160000V10&ovsid=1cde5f69-f9b2-4230-b891-3f611cf73e35
411 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3205612588092160000V10&type=opx&refUrl=&vid=75596597793205612588092160000V10&ovsid=1cde5f69-f9b2-4230-b891-3f611cf73e35
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 04:47:39 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
411
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 04:47:39 GMT

Redirect headers

date
Tue, 28 Feb 2023 04:47:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3205612588092160000V10&type=opx&refUrl=&vid=75596597793205612588092160000V10&ovsid=1cde5f69-f9b2-4230-b891-3f611cf73e35
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame EDBE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzIwNTYxMjU4ODA5MjE2MDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAvHUxmeVZhFdzfhtbKqWVM&google_cver=1
237 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAvHUxmeVZhFdzfhtbKqWVM&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:39 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
237
X-MNET-HL2
E
Expires
Tue, 28 Feb 2023 04:47:39 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAvHUxmeVZhFdzfhtbKqWVM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame EDBE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Ddxu%26refUrl%3D%26vid%3D75596597793205612588092...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3205612588092160000V10&type=dxu&refUrl=&vid=75596597793205612588092160000V10&ovsid=0HbQZVuT1PwRTR5
237 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3205612588092160000V10&type=dxu&refUrl=&vid=75596597793205612588092160000V10&ovsid=0HbQZVuT1PwRTR5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 04:47:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 04:47:39 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:39 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-002b15eadf69dc4b3@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3205612588092160000V10&type=dxu&refUrl=&vid=75596597793205612588092160000V10&ovsid=0HbQZVuT1PwRTR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame EDBE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5cf22069-aa04-4638-b604-6ca9d33707fc
237 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5cf22069-aa04-4638-b604-6ca9d33707fc
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 04:47:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 04:47:39 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5cf22069-aa04-4638-b604-6ca9d33707fc
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2157114
content-length
0
expires
Tue, 28 Feb 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame EDBE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3De119dc05-085a-4847-8297-b3a8107c30...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=aad563fd-8769-4d00-956a-16a72f02942f&expires=30&ssp=medianet&bsw_param=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent=&gdpr_pd=
237 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 04:47:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 04:47:40 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 28 Feb 2023 04:47:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
b1sync.zemanta.com/usersync/medianet/ Frame EDBE 		0
0
sync
rtb.mfadsrvr.com/ Frame EDBE 		0
0
cksync
cs.media.net/ Frame EDBE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8617581c-fe7a-45a1-88ea-d9c42be8be2e
237 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8617581c-fe7a-45a1-88ea-d9c42be8be2e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:39 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
237
X-MNET-HL2
E
Expires
Tue, 28 Feb 2023 04:47:39 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8617581c-fe7a-45a1-88ea-d9c42be8be2e
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yIleLXxHQTFhK1IxUkVud1NNTE5seHh6cklwRmE0eG44RWxMYVJoYnRLVko3ditSaEJoQ1htaE4wQ1ljSTBMdTMvVXdpQmU1UytNT0NSMXNQUVowdVBuWWFlYUhiRWxNZzk0WjFaNnU4ekhsVjBPWjlnbDMzSmJ0cTBXV3hEak4zdU9SRGNMZlhzZDFMY3FOMlFtQzA4bnUwWVIvME5Lb0g4RXBZQnkwbEdXRXY5TzRtR1FXR25aaTZPOGJoV21tRHV6blRTdTF0b2FobFlJcS9wZlR4Y0xjTEtYZjIrZkxZSEUrV0ZpVm12Y2JBNnB3PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Feb 2023 04:47:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
278142
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame DC95 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:40 GMT
AN-X-Request-Uuid
971f7ac4-4d71-4595-932c-e419b7ac3a73
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
rtb.adxpremium.services/ Frame A584
Redirect Chain
  • https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4201761885516150637312
0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4201761885516150637312
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 04:47:39 GMT
Server
nginx
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4201761885516150637312
date
Tue, 28 Feb 2023 04:47:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
PugMaster
image6.pubmatic.com/AdServer/ Frame BEC6 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32904380&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
18030506e0ca72c140c3c178e5a37c55d96ff824eab6c26140f1fda989cb51d1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
prebid.gif
as.ck-ie.com/ Frame A584 		0
0
match
c1.adform.net/serving/cookie/ Frame FDF8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 28 Feb 2023 04:47:40 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 28 Feb 2023 04:47:40 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
ImgSync
image8.pubmatic.com/AdServer/ Frame F2FB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aad563fd-8769-4d00-956a-16a72f02942f&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 28 Feb 2023 04:47:40 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame C509 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7D4F
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z4e4179hvg8
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 28 Feb 2023 04:47:40 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
getuid
ib.adnxs.com/ Frame 4776 		0
0
cookie-sync
sync.outbrain.com/ Frame 44B5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-xzmk_UYts7gF-WS_Retkv0bucXgSrbC-E7jVmIf
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmc...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=1C19B134-CD28-4161-A2B4...
0
0
cookie-sync
sync.outbrain.com/ Frame F4D7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmc...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=1C19B134-CD28-4161-A2B4...
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 852D
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Ydf6CgF-DImETTYQbIf9Yw
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Ydf6CgF-DImETTYQbIf9Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 04:47:40 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Ydf6CgF-DImETTYQbIf9Yw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 3D41 		0
0
sync
sync.srv.stackadapt.com/ Frame 56DC 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame F734
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=bfvkl9s58b3l
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 28 Feb 2023 04:47:40 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pxd
dps.jp.cinarra.com/ Frame ADAB 		0
0
cm
ipac.ctnsnet.com/int/ Frame B7F9 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 28 Feb 2023 04:48:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 9DB1
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e0a550007f34b6b813128b85cb47d25
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e0a550007f34b6b813128b85cb47d25
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Tue, 28 Feb 2023 04:47:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e0a550007f34b6b813128b85cb47d25
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame 4B19
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0HbQZVuT1PwRTR5&gdpr=0&gdpr_consent=
42 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0HbQZVuT1PwRTR5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Feb 2023 04:47:40 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0HbQZVuT1PwRTR5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-002b15eadf69dc4b3@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
bridge
cm.adgrx.com/ Frame 6EED 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 3346
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1677559660117
  • https://ad.turn.com/r/cs?pid=45&rndcb=8360631824
  • https://sync.1rx.io/usersync/turn/2880075393854299393?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-2d3c2bc4-bba4-4dca-a344-fe094d534118-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2d3c2bc4-bba4-4dca-a344-fe094d534118-004
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 28 Feb 2023 04:47:40 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
i.match
a.tribalfusion.com/ Frame 4E61 		0
0
cookiesync
core.iprom.net/ Frame D068 		0
0
/
csync.loopme.me/ Frame 88B1 		0
0
141
match.deepintent.com/usersync/ Frame A235 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 3641
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB13E9F4CF804DFDB8BB2CF6FA17A233&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 28 Feb 2023 04:47:40 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cksync.php
contextual.media.net/ Frame 8322 		237 B
661 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3205612588092160000V10&type=pba&refUrl=&vid=75596597793205612588092160000V10&ovsid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
237
content-type
image/gif
date
Tue, 28 Feb 2023 04:47:40 GMT
expires
Tue, 28 Feb 2023 04:47:40 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BEC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HBmxNM0oQWGitDy-PYp98Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:40 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=166389
accept-ranges
bytes
content-length
5554
expires
Thu, 02 Mar 2023 03:00:49 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame BEC6 		0
0
info
uipglob.semasio.net/pubmatic/1/ Frame BEC6 		0
0
1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BEC6 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a01:aca1:9a76:84d1:4d91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame BEC6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8617581c-fe7a-45a1-88ea-d9c42be8be2e&gdpr=0&gdpr_consent=
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8617581c-fe7a-45a1-88ea-d9c42be8be2e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 04:47:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8617581c-fe7a-45a1-88ea-d9c42be8be2e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame BEC6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8YgTUKpE2uW_NFf98jKNyGDhkZXfnzM-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8YgTUKpE2uW_NFf98jKNyGDhkZXfnzM-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:47:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8YgTUKpE2uW_NFf98jKNyGDhkZXfnzM-~A&gdpr=0
date
Tue, 28 Feb 2023 04:47:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame BEC6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1349367368919156554
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1349367368919156554
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 04:47:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1349367368919156554
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
a.sportradarserving.com/ Frame BEC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame BEC6
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1521249daa321b1b&is_secure=true&networkId=17100&version=1&nuid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJoUCuXvgbFwMESW__AAAAAAA&expiration=1677646060&nuid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&...
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJoUCuXvgbFwMESW__AAAAAAA&expiration=1677646060&nuid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 04:47:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 04:47:40 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJoUCuXvgbFwMESW__AAAAAAA&expiration=1677646060&nuid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame BEC6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2880075393854299393&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2880075393854299393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dpba%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 04:47:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2880075393854299393&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 28 Feb 2023 04:47:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
getuid
secure.adnxs.com/ Frame BEC6
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
0
0
usync.js
eus.rubiconproject.com/ Frame 3D69 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d352249f4fd7a802305ceabc1dbd9c8ff63c4d061815d95ad556c1b0c1633

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 04:47:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Feb 2023 10:26:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20224
Connection
keep-alive
Content-Length
10007
Expires
Tue, 28 Feb 2023 10:24:44 GMT
cksync.php
contextual.media.net/ Frame 3D69
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LENRPG73-J-9NF0
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LENRPG73-J-9NF0
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pippio.com
URL
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwZTI0ZTRlYzBmNmYzNzExNGUwYjQ1MTlhY2QwOTM5ODU3YTk3NDgzMGVlODAzNWFmN2MxYTgyYWQ0ZDNhNzYzNzkxNDI2YjU0MTdkY2UyMRAAGgwI6472nwYSBAgCEABCAEoA&google_gid=CAESEKciHO-ml_pcF8EegefYVpI&google_cver=1
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/outbrain/?puid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7998148270748583470&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=e119dc05-085a-4847-8297-b3a8107c30a2&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=
Domain
crb.kargo.com
URL
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=e119dc05-085a-4847-8297-b3a8107c30a2&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7205063872508131479&gdpr=0&gdpr_consent=
Domain
id.geistm.com
URL
https://id.geistm.com/m/OB/ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=e9IEjN0e608AkFlPRvOk&pi=outbrain&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
analytics.twitter.com
URL
https://analytics.twitter.com/i/adsct?p_user_id=026502c72fcae0acb1aaae729eed0231&p_id=28539
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y_2Han7pZgUREwcC7NCsAgAAEuYAAAAB&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&uid=64e31ff1-2d5c-452c-b8b1-13a216a36bc2
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
ice.360yield.com
URL
https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26us_privacy%3D1---%26initiator%3Dob
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711945.gif?ct=4&cv=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
trace.mediago.io
URL
https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3Dak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
id5-sync.com
URL
https://id5-sync.com/s/164/9.gif?puid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=ob
Domain
idrs.adtelligent.com
URL
https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=
Domain
idrs.adtelligent.com
URL
https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=
Domain
id5-sync.com
URL
https://id5-sync.com/api/config/prebid
Domain
id5-sync.com
URL
https://id5-sync.com/s/441/9.gif?puid=a_636e71bb-a50e-4fe8-a2a3-e631b683f5a6&gdpr=0&gdpr_consent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Domain
pool.admedo.com
URL
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=e119dc05-085a-4847-8297-b3a8107c30a2
Domain
sync.dmp.otm-r.com
URL
https://sync.dmp.otm-r.com/match/btw?id=96d11292-0b59-543b-8c07-8202effa0565
Domain
px.adhigh.net
URL
https://px.adhigh.net/p/cm/btw
Domain
cache.betweendigital.com
URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=96d11292-0b59-543b-8c07-8202effa0565&CACHEBUSTER=599319
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Drkt%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3D%7Buserid%7D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3205612588092160000V10&type=son&refUrl=&vid=75596597793205612588092160000V10&ovsid=[UID]
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3205612588092160000V10%26type%3Dzem%26refUrl%3D%26vid%3D75596597793205612588092160000V10%26ovsid%3D__ZUID__
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3205612588092160000V10
Domain
as.ck-ie.com
URL
https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Domain
dps.jp.cinarra.com
URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/420486.gif?partner_uid=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1&sInitiator=external&gdpr=0&gdpr_consent=
Domain
a.sportradarserving.com
URL
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LENRPG73-J-9NF0

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless function| $ function| jQuery function| Cookies object| dataLayer object| googletag object| advally object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| advpbjs undefined| cmd object| google_tag_manager object| google_tag_data object| recaptcha string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| advpbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData undefined| google_measure_js_timing undefined| conf undefined| ret string| x object| slotRules object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ONFOCUS object| googDdmPs object| google_image_requests

66 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQx-zjsukwCgkIOhCq7OOy6TA=
pastelink.net/ Name: PHPSESSID
Value: m2ddk2kog5pi68sg3nb18cavbi
.pastelink.net/ Name: _gcl_au
Value: 1.1.306075825.1677559655
.pastelink.net/ Name: _ga
Value: GA1.2.1573673022.1677559655
.pastelink.net/ Name: _gid
Value: GA1.2.538662924.1677559655
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
pastelink.net/ Name: plTest
Value: false
.pastelink.net/ Name: _gat_advallyTrackerpl
Value: 1
pastelink.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yahoo.com/ Name: A3
Value: d=AQABBGeH_WMCEAhEd91SF6i_nsSIPRXSt3IFEgEBAQHY_mMHZAAAAAAA_eMAAA&S=AQAAAmnPrWK1L7eZ_LCCNsgg0C8
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: xjOdZf-XVn14X9MFtHUH8sl58wmph_OkPMk0KJ5LPYqOv9gw2EdgnFgrRnyg027UjKzP7XFn4OZjrLLo47OKc9Mvzwli9SlfLbrMvLxSSRrlSHW8OEG7PmPx15vANbj9
.gumgum.com/ Name: vst
Value: a_636e71bb-a50e-4fe8-a2a3-e631b683f5a6
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: 96d11292-0b59-543b-8c07-8202effa0565
.betweendigital.com/ Name: ut
Value: Y_2HZwAMe1CcaV_5dTDQR03lTe3a5Oyhu2FOtQ==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk9iPkz4vrywdUEvJadNNJI7RIu5Lnsvq8ObRU-bGKo7sRK8nU6JsyfkFdNnpM
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.adnxs.com/ Name: uuid2
Value: 7998148270748583470
.uplynk.com/ Name: COMBOID
Value: "comboid=y-PWCQ2GVE2uEOtAwtYR3hD7C5UuRXDW3n~A|expires_at=1685335657"
.quantserve.com/ Name: d
Value: EAIBDQGzKJyLkwA
.quantserve.com/ Name: mc
Value: 63fd8769-8ee08-e0492-e655a
.mathtag.com/ Name: uuid
Value: aad563fd-8769-4d00-956a-16a72f02942f
.bing.com/ Name: MUID
Value: 31738B20D4EE64140CFC99E6D5EF6524
.c.bing.com/ Name: MR
Value: 0
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adsrvr.org/ Name: TDID
Value: 8617581c-fe7a-45a1-88ea-d9c42be8be2e
.pubmatic.com/ Name: SyncRTB3
Value: 1678752000%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1C19B134-CD28-4161-A2B4-3CBE3D8A7DF1
.bidswitch.net/ Name: tuuid
Value: e119dc05-085a-4847-8297-b3a8107c30a2
.bidswitch.net/ Name: c
Value: 1677559657
.bidswitch.net/ Name: tuuid_lu
Value: 1677559657
.pubmatic.com/ Name: pi
Value: 156078:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: SPugT
Value: 1677559657
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~2a8s:18p2~2a8s:175s~2a8s:176l~2a8s:173n~2a8s:175u~2a8s:18qt~2a8s:18yl~2a8s:18vj~2a8s:190j~2a8s:1769~2a8s:18z8~2a8s:17kh~2a8s:18xn~2a8s:18yx~2a8s:191q~2a8s:17ol~2a8s:193s~2a8s:1760~2a8s:175w~2a8s:18za~2a8s:18vk~2a8s:195t~2a8s:18xa~2a8s:18yw~2a8s:18xi~2a8s"
.3lift.com/ Name: tluid
Value: 4201761885516150637312
.openx.net/ Name: i
Value: 075e09af-fb35-4727-8108-89e7ca3f9f14|1677559657
.rubiconproject.com/ Name: khaos
Value: LENRPG73-J-9NF0
.yieldmo.com/ Name: yieldmo_id
Value: g5fa4fcc65dcdba85831%7C1677559657813%7C0%7C
.sharethrough.com/ Name: stx_user_id
Value: a0e1a3b3-5507-477b-86a5-c146387d462d
.rubiconproject.com/ Name: audit
Value: 1|UvZEF/P4tQ1EFRnNvLUg59Ox/S5rSnJnXeP0o29vf0SJl7/YsOb2JQa8EkUe45+AEdPSdbMdvflCqQ3+tQhlLHMDvubSxZCGskcDnbo11TuLqlnnESBGSVs7PoCMm1RrjbdT8TNLlXEQ7sQnggAeALKpUjWTmmg0
.casalemedia.com/ Name: CMID
Value: Y-2Han7pZgUREwcC7NCsAgAA
.casalemedia.com/ Name: CMPS
Value: 4838
.casalemedia.com/ Name: CMPRO
Value: 4838
.creativecdn.com/ Name: u
Value: e9IEjN0e608AkFlPRvOk
.creativecdn.com/ Name: ts
Value: 1677559657
.socdm.com/ Name: SOC
Value: Y-2HasCo8YMAADfxVEYAAAAA
.media.net/ Name: visitor-id
Value: 3205612588092160000V10
.media.net/ Name: data-v
Value: y-4I9.3u1E2uF6s3U6HgEwTe853YINtGGe~A~~3
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCNbGuLGe1Mw7EAUSFQoGY2FzYWxlEgsIrpeosp7UzDsQBRgBIAIoAjILCNa-u9601Mw7EAU4AVoHc3Z4OXQ1MGAC
.pastelink.net/ Name: __gads
Value: ID=2a2b60c305a1a970:T=1677559656:S=ALNI_MZjHn-I3vfj8eQR2REMHFMYf-kHNw
.pastelink.net/ Name: __gpi
Value: UID=00000bce0ca05f5c:T=1677559656:RT=1677559656:S=ALNI_MaTiBMn55TFZcgKzcKmIkytcczJIw
.simpli.fi/ Name: suid
Value: AB13E9F4CF804DFDB8BB2CF6FA17A233
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1677559655.1.0.1677559658.0.0.0
.turn.com/ Name: uid
Value: 2880075393854299393
.adnxs.com/ Name: anj
Value: dTM7k!M4.FD>6NRF']wIg2E>5r`S2?!]tbP6j2F-.o$Rg@Gn3HZ/Jhgiqh*#byn3xjB#8-mcUux_9Y]<m*`LrjGmKkC!#Qa??gM6a.xmU%v4VB%nlcj+6g.%
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ2ZXJpem9ubWVkaWEiOnsidWlkIjoieS13aTdZMkdwRTJ1SHhoT0JRRjl0WFJHMW1LdUNLcWctLX5BIiwiZXhwaXJlcyI6IjIwMjMtMDUtMjlUMDQ6NDc6MzhaIn19LCJiaXJ0aGRheSI6IjIwMjMtMDItMjhUMDQ6NDc6MzhaIn0=
.company-target.com/ Name: tuuid
Value: 86606a2e-a0c6-46ec-8593-6577f3f86e60
.company-target.com/ Name: tuuid_lu
Value: 1677559658
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y-2HagAAA2yuQQAh
.bidr.io/ Name: bito
Value: AAE-B07H-w8AACCNFizZLg
.bidr.io/ Name: bitoIsSecure
Value: ok
.lijit.com/ Name: ljt_reader
Value: GOvfJLZH4JgXwGfqTMmcn0Ag

6 Console Messages

Source Level URL
Text
other warning URL: https://3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://id.geistm.com/m/OB/ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=ak7fR89dhXtc7LKIiyDZCLX4uRUouzYF5E7gf2fATTHDSMXxRTYWhJhFtmceAd4N
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c832401222e9f9aa8bc73e7d063dace.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.sportradarserving.com
a.tribalfusion.com
a.vidoomy.com
aa.agkn.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.as.criteo.com
ads.betweendigital.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.sg
adxbid.info
analytics.twitter.com
ap.lijit.com
as.ck-ie.com
b1sync.zemanta.com
beacon.krxd.net
beap-bc.yahoo.com
bh.contextweb.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
cache.betweendigital.com
cat.sg1.as.criteo.com
cdn.adligature.com
cdn.js7k.com
cdnjs.cloudflare.com
cheqzone.b-cdn.net
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d.turn.com
d.vidoomy.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gocm.c.appier.net
googleads4.g.doubleclick.net
gum.criteo.com
i.w55c.net
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idrs.adtelligent.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
log.outbrainimg.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
odb.outbrain.com
onevideosync.uplynk.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pm.w55c.net
pn.ybp.yahoo.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.media.net
pro.ip-api.com
prod-m-node-2113.ssp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.adhigh.net
rock.defybrick.com
rtb.adxpremium.services
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.yimg.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
service.idsync.analytics.yahoo.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.criteo.net
sync-dsp.ad-m.asia
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.go.sonobi.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
tag.1rx.io
tcheck.outbrainimg.com
tg.socdm.com
tpc.googlesyndication.com
trace.mediago.io
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.sportradarserving.com
a.tribalfusion.com
analytics.twitter.com
as.ck-ie.com
b1sync.zemanta.com
bh.contextweb.com
cache.betweendigital.com
cm.adform.net
cm.adgrx.com
contextual.media.net
core.iprom.net
crb.kargo.com
cs.emxdgt.com
csync.loopme.me
dps.jp.cinarra.com
ib.adnxs.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idrs.adtelligent.com
idsync.rlcdn.com
match.deepintent.com
p.rfihub.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pool.admedo.com
px.adhigh.net
rtb.mfadsrvr.com
s.ad.smaato.net
secure.adnxs.com
ssbsync.smartadserver.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.dmp.otm-r.com
sync.go.sonobi.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.adx.opera.com
trace.mediago.io
uipglob.semasio.net
ups.analytics.yahoo.com
103.229.206.240
103.231.98.194
103.231.98.197
104.254.148.251
104.254.150.241
122.248.250.113
124.146.215.50
13.115.235.137
13.228.34.179
13.250.187.106
13.250.192.86
139.5.84.243
145.40.73.4
145.40.73.5
151.101.130.49
172.104.45.159
172.253.118.155
18.138.18.111
18.141.109.184
18.142.65.187
18.159.227.187
182.161.73.132
182.161.73.136
182.161.73.146
184.51.136.24
184.51.240.199
184.51.240.213
184.51.241.105
185.106.140.18
185.184.8.90
185.84.60.29
199.232.46.132
2001:4de0:ac18::1:a:2b
2001:df2:a300:bbbb::135
2001:df2:a300:bbbb::136
203.195.121.141
208.95.112.2
23.223.18.115
23.41.65.80
23.75.85.227
2400:52e0:1500::868:1
2404:6800:4003:c03::84
2404:6800:4003:c03::9b
2404:6800:4003:c04::67
2404:6800:4003:c04::9a
2404:6800:4003:c04::9d
2404:6800:4003:c05::5e
2404:6800:4003:c05::66
2404:6800:4003:c06::61
2404:6800:4003:c0f::5f
2404:6800:4003:c0f::84
2404:6800:4003:c11::5e
2404:6800:4003:c11::95
2406:2000:98:800::e6
2406:2000:e4:1409::2000
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::10
2406:2600:7:100::15
2406:2600:7:100::9
2406:2600:7:100::f
2406:da18:929:5a01:aca1:9a76:84d1:4d91
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:21e1:4200:1a:ba5c:3900:93a1
2606:4700:20::681a:9a9
2606:4700:3031::6815:5dd2
2606:4700:3035::6815:5d0e
2606:4700:3037::ac43:9a47
2606:4700::6811:180e
2606:4700::6812:372
2620:116:800e:21:6c50:dbee:bef5:203d
2620:1ec:c11::200
2a02:fa8:c411:12::1080
34.107.148.139
34.124.209.251
34.96.71.22
35.186.193.173
35.213.12.39
35.244.159.8
35.71.178.8
44.225.201.131
52.220.128.212
52.220.229.2
52.220.243.118
52.220.85.221
52.221.14.40
52.223.40.198
52.46.130.91
52.74.162.2
54.192.18.100
54.64.5.129
63.251.14.14
66.225.223.95
67.199.150.81
67.199.150.85
69.173.158.64
74.125.24.149
74.125.24.154
89.35.29.15
96.17.188.24
96.17.189.202
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
015d12e8946606e0b57392ccf8284acc01e4122b75c085547dc9bcbf434b4759
01a0ab39ee5cedddb2902edbfab54e7d303be490bab7018f5d0335036063299b
01e1f7fd45eb292a1bd3017cdd9c6db612c8b71fc7867c4a8404abb651f86f15
024e07eb0a3f53098a85d87d5df3003465e427a8060c310a6fa2d69cff63f23d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ec053d7651a067d46aee56c80b0cee3158c6a56e9d4a14decf15ce48717b11b
0f173341da07694e3803f018e983c5e4eab7ae7ac612bc67c374cca3fb47fa02
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
18030506e0ca72c140c3c178e5a37c55d96ff824eab6c26140f1fda989cb51d1
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
234951acbc9a47f9696dcf836ca48b8d9c313cb941062be122306a0c8e967ee4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c052d6fef78cbb874f5ed3ad653b66c386994c9a433e8d468f7ec74adac677f
2efaee055a44041ed506b66b86cec9140cb14e934f1abd4c8e2ac14a89ef3a87
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9c0f456ef438213561c640e5284be12e358ba09dbd3121df50b196a7aa0432
30ea6cb5b8956f6e5f10148cf6de41df851b61f58040d0255b509180f2fd08fd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35c4b73ec6b6696b9fc19693bf337abaaa0363ead5f7b57e610d114923b21fe4
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41584519b7ae154b9c5d36e2d05a06a6fffd25839f8618cfc994a4ab97984e26
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f90725442b7c19d4e83a29758a482d4cc8e237ff0ed205089e677cd14d32b2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496ef1722cd085b9c4343a54d3df522f363f2345ebce8920a0965c5b8e3bfd3e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4d080f148635a59fd89ff3aaf08c33b8bea0e220e02e33eb0c1ae7c8be808b9f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2a2bf13203d4d051acb0edbfb790789ad5c15b0c4a1755ed33e5fdbaf729d8
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fcd49edd568d0af46903eb9bc06d5db252c1521e395ed52aacb52f435ce9c2a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50677ec62115e1f9bbc8e76964465afd96d13e6d37d5f8c6e5af5ddfbfdfe8a9
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d75e04bc4d5b97ba3a087f671080b48ac59a8d4e63dbc53dd2483abd143e70
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c0b6ffc1eef89682e1eaa3f44083732df26e04839ccc97d2c4e308575977236
6098754ee16daebcb0ada711f717b58cc46a4c1cfd709cc1223f2a60a62708c3
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
62ed498484c11cac1be5bb392260e457282e31ecbdc4c766fef8780e14f415ac
656f9fa258fc711a3ea9dafc2188d05e88139d8756b6c0b98b4d361b22cd2c73
670dc66bdd658139d240eedad1274df27975093212b087640ace94fdd41e2038
67cec954dd3c5a51f526f9a5dd721ea65e23acf4d78c5abc03eac702be1ec550
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
69e462b8ebc77b5549058cddc4257d5b06ec246e32a48033ed1a37325f4a1e5a
6d49f48310a57e3586bd49da220d241c6eaff0df6fdd5a6789321427f13995e8
6d5a69bf6efbe9bfc9502e641f47f0b06f340727897f1aec897878e35b9cc5c1
7205b49d2e586e72b07d05b9821607eb491b46d9b23e5edc2f9f1c2cdd7c5bcf
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
746a537339fc5045e13cfd4ea61bfb967cfc00d9c7ca7eda89fb50ef8a54d7c1
76ffbbe0a327c50bc05feb886774e0ef4a0bfaef4fc937edfa9c7b05979edc80
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8126b9a567667551bb4c4fb3031b776e6b4fcda0b097b3f7b123932b5ff07010
8172bba3aba108988b1802890600d6a33bc362ccb9d0c14cb84a983942fcd79b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
88aebe77c821689d5497225dda6e0c5ad7b75d71ff3e96430d251bfbc825a63a
8a363d7dc06f19dad28b352230a1fc967085b0412b36e7316653e1321de7f4a4
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f02ead055cee4bab07393741aa400ff5d883b05710407989a6f0e3e5f3b28d9
90d86acebfdd00dc757ea4b78f92667172bc871ade3175c4dde4dd3ad69a7781
91a930fb5e49cbd21fc74b32d5a01d37b0dc406174f25ad1c70bbceeb768f80d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
97a855ebf67e1d2a8f41f220f6afbb02ce6f00d6f8c59c9c341a3da83acb4cbf
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c85857040001a1faa0f5e1267cdd6575bf28aad5f9f2a96ae32834c9a1682c
9a989106fc47c155cd266905e8ed02b593b6f617a4fcb034a5c36eb15514beff
9c5511e8a28cc28738945dc57b00c9a659bb926f970e89bfa1e287178e305a90
9d84a493ce54df793827648468f1b860ee21de67be8dd81d818d40ae68e5ffad
9deaac5d56e16e3ebabea7074260b0fd928a5f1ed99708ce779fba46a83bcdc8
9df6900f7c2b75e50bd1d354e87572c6f6fb2a446c65797ac1b0917ee80e3a6e
a02019cb9cade35408f7d3cfec607b1a24b753fad5c053de28a7c309b3e697e2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0
ade91296c87c0f63a6eba55019748f263e2ed8d0225b1e8cf7436e6e4bcf894a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b3af49db02db719fddf05b025b22d32227228781ac8cf7953991f778362faa20
b3f2d9d1877f7feda21921735f1c36c35c6971c991895bbf5ae3af4b7eea2039
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8c11aae918fb5cca27cc2197dc4b5c25045b8b292fadf7f869d134b52fff962
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7d3684cb42a4d70196d25046661222df52254fb53dde71c462d48b5170ee03
bc3bf758c71142120a4978067618f7361107499f07a06650cb958ad7a0283a3d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c384ac3ddb2d3b6b35f695dfccbe0b69c24a889fef96ffaa4e71a73f99b199af
c5777913e0a429e8b12826d62bdc439f40b1069b4bd3d1debce8682dd685179a
c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7
ca1375384e2c001d15128b3a8849d4684a8b74907df34fb1f5a6cd0c6aa86d3e
cac1d05e82e4393ef6c051c1042f249c179999282a833e22c827846e1ab61b68
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd3f23d219f09c1818c8458fceb827a3184c2f5b731e90aefe5460ad72019aa7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d75cddb432ae2991c9575f6fb6b5f299dc078644796c45fa33c643e7bcf4426b
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
de1ece045b6dfcebd8b79656d7dceed989bc33b05b8f2427c74f5dc060e1bc26
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e18780927c3712849df2fffc3d1c08a01252f24c449afcdba57868da817808e4
e23d352249f4fd7a802305ceabc1dbd9c8ff63c4d061815d95ad556c1b0c1633
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5483b471efb54b215576c0695bcce703c62385a7e78c268e058d7fe43a94fbd
e831a1355a7116d32a4492ef683bdbca34e8c92f86f8930f69766527ddb73196
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee4c70732d477083547d0a15c839a5d60d40673a8b98cde650dabb2a0270e96b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f057c51ba04e3cb1106b37baa3704f1a73bb1fe9f8effab6efde6a08745a36a0
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f2dfca51adb5f527dc72370ab5a6d140ca2b62e6eb5a865909a351a551fe297a
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f97f22fde697c9d8c77639fbbca1a74e82708f3c908d9005107cd2fc71033da1
fc703cca62391956b6a2caf2393650fb55ed749c05ee8533fbb02af72c34425f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff8935e99942fb1f659c6c0801576ab36350ce5f9a20bc9bd6d440ae6429c13c