www.pastemagazine.com Open in urlscan Pro
2606:4700:3108::ac42:2b60  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://us.umusic-online.com/4YUH-9VIX-3D2TUT-91YA3-0/c.aspx HTTP 302
   https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

• https://rp.liadm.com/j?dtstmp=1706939403542&aid=b-00aw&se=eyJldmVudCI6ImNvbnZzZXJzaW9uIn0&duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&tv=v2.12.0&pu=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&wpn=lc-bundle&c=PHRpdGxlPkNvbGUgQmVubmV0dCBXYW50cyB0byBDcmVhdGUgYSBDaW5lbWF0aWMgVW5pdmVyc2UgRm9yIE11c2ljPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlIGhpcC1ob3AgbXVsdGltZWRpYSB0aXRhbiBleHBsYWlucyBob3cgTHlyaWNhbCBMZW1vbmFkZSBldm9sdmVkIGZyb20gYSBibG9nIHRvIGEgYnJhbmQgd2hpbGUga2VlcGluZyB0aGUgdmlzdWFsIGVsZW1lbnQgb2YgbXVzaWMgYWxpdmUuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cucGFzdGVtYWdhemluZS5jb20vbXVzaWMvbHlyaWNhbC1sZW1vbmFkZS9jb2xlLWJlbm5ldHQtbHlyaWNhbC1sZW1vbmFkZS1pbnRlcnZpZXciPjx0aXRsZT5QYXN0ZSBNYWdhemluZTogWW91ciBHdWlkZSB0byB0aGUgQmVzdCBNdXNpYywgTW92aWVzICZhbXA7IFRWIFNob3dzPC90aXRsZT48aDEgY2xhc3M9InRpdGxlIj5Db2xlIEJlbm5ldHQgV2FudHMgdG8gQ3JlYXRlIGEgQ2luZW1hdGljIFVuaXZlcnNlIEZvciBNdXNpYzwvaDE-&cd=.pastemagazine.com HTTP 302
• https://rp4.liadm.com/j?se=eyJldmVudCI6ImNvbnZzZXJzaW9uIn0&duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&aid=b-00aw&cd=.pastemagazine.com&dtstmp=1706939403542&tv=v2.12.0&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjU%3D&pu=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&c=PHRpdGxlPkNvbGUgQmVubmV0dCBXYW50cyB0byBDcmVhdGUgYSBDaW5lbWF0aWMgVW5pdmVyc2UgRm9yIE11c2ljPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlIGhpcC1ob3AgbXVsdGltZWRpYSB0aXRhbiBleHBsYWlucyBob3cgTHlyaWNhbCBMZW1vbmFkZSBldm9sdmVkIGZyb20gYSBibG9nIHRvIGEgYnJhbmQgd2hpbGUga2VlcGluZyB0aGUgdmlzdWFsIGVsZW1lbnQgb2YgbXVzaWMgYWxpdmUuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cucGFzdGVtYWdhemluZS5jb20vbXVzaWMvbHlyaWNhbC1sZW1vbmFkZS9jb2xlLWJlbm5ldHQtbHlyaWNhbC1sZW1vbmFkZS1pbnRlcnZpZXciPjx0aXRsZT5QYXN0ZSBNYWdhemluZTogWW91ciBHdWlkZSB0byB0aGUgQmVzdCBNdXNpYywgTW92aWVzICZhbXA7IFRWIFNob3dzPC90aXRsZT48aDEgY2xhc3M9InRpdGxlIj5Db2xlIEJlbm5ldHQgV2FudHMgdG8gQ3JlYXRlIGEgQ2luZW1hdGljIFVuaXZlcnNlIEZvciBNdXNpYzwvaDE-

Request Chain 38

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 54

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 81

• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 82

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 86

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP6g4kEgwQvgeB1y9BhzseU&google_cver=1

Request Chain 87

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Zb3UDNBwDdMu3Vk8OSvCMAAA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Zb3UDNBwDdMu3Vk8OSvCMAAA&google_tc= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPiWUwu3zKBj66yxSULMBz8&google_cver=1

Request Chain 89

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gpp=&gpp_sid= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 90

• https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=20F0EE997A5049BEBCFB55D27ED55E55

Request Chain 92

• https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BasiOBRR1Rw8UJ5

Request Chain 99

• https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=407b559f-8bdb-47a1-b809-285d020652e9 HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=1&userid=95eb1e9b-63a9-47ad-81e1-e13e3cddb303%3A1706939405.6893232&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D95eb1e9b-63a9-47ad-81e1-e13e3cddb303%253A1706939405.6893232%26_%3D1706939405.6917973&cb=1706939405.6918366 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329530210702247&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D95eb1e9b-63a9-47ad-81e1-e13e3cddb303%253A1706939405.6893232%26_%3D1706939405.6917973 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=95eb1e9b-63a9-47ad-81e1-e13e3cddb303%3A1706939405.6893232&_=1706939405.6917973

Request Chain 101

• https://x.dlx.addthis.com/e/live_intent_sync?na_exid=407b559f-8bdb-47a1-b809-285d020652e9 HTTP 302
• https://x.dlx.addthis.com/e/live_intent_sync?na_exid=407b559f-8bdb-47a1-b809-285d020652e9&rd=Y

Request Chain 102

• https://dpm.demdex.net/ibs:dpid=127444&dpuuid=407b559f-8bdb-47a1-b809-285d020652e9 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=407b559f-8bdb-47a1-b809-285d020652e9

Request Chain 103

• https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
• https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3639525877753654479 HTTP 303
• https://x.bidswitch.net/sync?ssp=liveintent&user_id=407b559f-8bdb-47a1-b809-285d020652e9

Request Chain 105

• https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP 302
• https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=4483171876162129882&gdpr=0 HTTP 303
• https://sync.mathtag.com/sync/img?mt_exid=36&407b559f-8bdb-47a1-b809-285d020652e9

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request cole-bennett-lyrical-lemonade-interview Show response www.pastemagazine.com/music/lyrical-lemonade/ Redirect Chain https://us.umusic-online.com/4YUH-9VIX-3D2TUT-91YA3-0/c.aspx https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full...	73 KB 21 KB	1199ms 1132ms	Document text/html	2606:4700:3108::ac42:2b60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2b60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80b78bea6538d1a02f948f1ba40cd9947ab2c2424bbbc22f21ce339a0950aac7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store cf-apo-via origin,miss cf-cache-status MISS cf-edge-cache cache,platform=wordpress cf-ray 84f864dfbb162c5e-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 03 Feb 2024 05:50:03 GMT last-modified Sat, 03 Feb 2024 05:50:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qTECQLeOSW4VX73huA9K5kxueKKD7fZhDRp0vLtcHzPfZ2a0EqnyGZuPJQsFMtnCCla%2B1Rp%2BvHE4LwfZbDKe47rzEL8bP2X8KDVBNKiUh5EG82C8019YhxPbG%2FpX%2BNdegIDiz8fl87jit2So23L0d488A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0 cf-cache-status DYNAMIC cf-ray 84f864dcbc222c32-FRA content-length 0 date Sat, 03 Feb 2024 05:50:02 GMT location https://www.pastemagazine.com:443/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 server cloudflare
GET H2	200	7776D133-B4B9-4A5A-A5B1-7F209757064D.jpeg image-pastemagazine-com-public-bucket.storage.googleapis.com/wp-content/uploads/2024/01/31003918/	40 KB 40 KB	103ms 19ms	Image image/jpeg	2a00:1450:4001:813::201b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://image-pastemagazine-com-public-bucket.storage.googleapis.com/wp-content/uploads/2024/01/31003918/7776D133-B4B9-4A5A-A5B1-7F209757064D.jpeg Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash b0c4ff48af3395d62fc83b05782fa2311f8ca19c2679bb507a6553af89bebd98 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:16:50 GMT age 1993 x-guploader-uploadid ABPtcPqz6OD4MpiosMAmCQ9heGUo06zQO-_eAgjyeZuHIu6X-XkqkEJk5PECtr7AfCrDh4CvHsKMcIm0WQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 40936 last-modified Wed, 31 Jan 2024 05:39:19 GMT server UploadServer etag "c45520f370ac82810e677b9b8a48bc4a" x-goog-generation 1706679558997135 x-goog-hash crc32c=jbQqGQ==, md5=xFUg83CsgoEOZ3ubiki8Sg== content-type image/jpeg cache-control max-age=31536000 x-goog-stored-content-length 40936 accept-ranges bytes expires Sun, 02 Feb 2025 05:16:50 GMT
GET H2	200	autoptimize_38d8db655452ee9ef8410f96de8a2486.css www.pastemagazine.com/wp-content/cache/autoptimize/css/	315 KB 70 KB	35ms 34ms	Stylesheet text/css	2606:4700:3108::ac42:2b60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/wp-content/cache/autoptimize/css/autoptimize_38d8db655452ee9ef8410f96de8a2486.css Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2b60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b82304aac3147376220986f0e87cb3bcf144963cbd3e5cd73000903d3758ac0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Mon, 20 Nov 2023 10:44:22 GMT server cloudflare age 1595485 cf-polished origSize=322524 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7Njm2nxTZCitKxeJMtsJFtTvlCCT8pD1SnX8vXoWsGDlG6H6wHVJIeRVqiw1Mmb5bJsMPw8krV7vlW9PrCJzJZbWabqxWHfPgnCdI61Ylj7D0U%2B5kZiI2xvxcbUvsc%2BCst%2BQnEje1pdvfrgv3xTKB9Y1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 84f864e6dfad2c5e-FRA alt-svc h3=":443"; ma=86400 expires Sat, 04 Jan 2025 18:12:31 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	236 KB 82 KB	81ms 34ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-V3K4873RKC Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 32acc9ca77dfa8cf48046e6d46ea70049c3f391b27aebc11a1dd75feee1236cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83967 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 03 Feb 2024 05:50:03 GMT
GET H2	200	jquery.min.js Show response www.pastemagazine.com/wp-includes/js/jquery/	86 KB 31 KB	32ms 32ms	Script application/javascript	2606:4700:3108::ac42:2b60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2b60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding br cf-cache-status HIT last-modified Wed, 08 Nov 2023 02:36:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 571404 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxdjN0fer5mPKj04b5uzOIh2oQNuc7KpONVLTXuqkkZaFtjLHxY4%2BnD40SY9AJVNvVf69Uk6s73ZKRwaISB%2FjxkWEjBylUOSOmNUkTb83YlToxYJQ85mAHLGGsWbI%2FSFXGeIim1lvLtug%2B9Sl%2FlaGaOZMA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 84f864e6dfae2c5e-FRA alt-svc h3=":443"; ma=86400
GET H2	200	b-00aw.min.js Show response b-code.liadm.com/	48 KB 16 KB	79ms 20ms	Script application/javascript	2600:9000:225e:8000:8:8845:1500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b-code.liadm.com/b-00aw.min.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:8000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 798c2e40f7781e1986f485f1b93289a351a772033a8f2f8d4bd43c86c941cc22 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 04:44:07 GMT content-encoding gzip via 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 3956 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control "public, max-age=86400" x-amz-cf-id QMV8d8EJJKsx4_GFnbJuZFbPLlUL5FVAHUWyT0N8bj-07f3qW2DewQ==
GET H3	200	autoptimize_d826393e509635524b3f9f85c6942095.js Show response www.pastemagazine.com/wp-content/cache/autoptimize/js/	56 KB 19 KB	34ms 34ms	Script application/javascript	2606:4700:3108::ac42:2b60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/wp-content/cache/autoptimize/js/autoptimize_d826393e509635524b3f9f85c6942095.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2b60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bae618d383bf56a0cd95e3c0b0340e67e9f5780caa162ddb99105a020bd2206b Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Mon, 20 Nov 2023 10:50:44 GMT server cloudflare age 572283 cf-polished origSize=57729 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yy9OKlKcPjkyTXwq%2FFjL7mBh7xgfxCKkaM5wJDDsBupQrPrgO82wn6PNhHVuR3yvwDkI2A0NHtu0eod0r0LxV76Rcl3OZMSTAid3pJ95QEBYxNNPUURK7s%2FVUC63u9UW3XvtqaleK3FkrzXOHSaypCi0fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 84f864e7bc595c98-FRA alt-svc h3=":443"; ma=86400 expires Fri, 10 Jan 2025 04:20:11 GMT
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	110ms 53ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer https://www.pastemagazine.com/ Origin https://www.pastemagazine.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 84f864e80b963a8a-FRA
GET H2	200	Sh0bCn9Iaik Show response www.youtube.com/embed/ Frame 39E8	93 KB 40 KB	168ms 109ms	Document text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bc79dbd5532c76031c034f9e40471a9d92bbbebf90f6be0581f98a23615656e2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Sat, 03 Feb 2024 05:50:03 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H2	200	JdXubSf5YUc Show response www.youtube.com/embed/ Frame 2684	92 KB 41 KB	143ms 85ms	Document text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fd2343f00e52020528b09c4c0338089b7af608a1d976efa36ecfff2cd4941e13 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Sat, 03 Feb 2024 05:50:03 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated /	125 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cc342f227d2ec985f234830f2afa874c3b878cd65905b76c4a1de85e0f52d10d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	13 KB 13 KB		Font application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bfb9c4f4b5fa59d0f86083205c2035868127701787711cc0311452a46bebe56f Request headers Referer Origin https://www.pastemagazine.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type application/octet-stream
GET H3	200	pm_ad_commands.js Show response www.pastemagazine.com/wp-content/themes/pastemagazine/js/	10 KB 1 KB	39ms 39ms	Script application/javascript	2606:4700:3108::ac42:2b60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/wp-content/themes/pastemagazine/js/pm_ad_commands.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2b60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfd4865c71dda86acfb5de422c42f597894e212193a0a53dced7a3f58e644575 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 19 May 2023 13:17:03 GMT server cloudflare age 572282 cf-polished origSize=30161 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=643u6mpqiaIkhE8nhIk7jKsNropLW3LCN5Xor5NRp%2FLdLbmIdRMDZx%2B1TGuzpfx2abI4GfSEOmvh%2BFa2Qtw2L9XhiZ320Zn6hveX8uR8YETHiv7wC0uyuxGv%2F0thcVV9SflW3ruyJSXgzl36I%2FsOwe0cxg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 84f864e7ec765c98-FRA alt-svc h3=":443"; ma=86400
GET H2	200	landing-header-bg.png cdn.pastemagazine.com/images/	358 B 542 B	169ms 28ms	Image image/png	23.56.203.145 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pastemagazine.com/images/landing-header-bg.png Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/wp-content/cache/autoptimize/css/autoptimize_38d8db655452ee9ef8410f96de8a2486.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.203.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-203-145.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 2435dd626c595dc314a346e6be037eb57c615d67b0f83c15671b6426622bf42a Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT last-modified Wed, 19 Sep 2018 18:33:50 GMT server AkamaiNetStorage etag "c44e2355ba5bc5bec860f62a3b035a12:1537382030" content-type image/png cache-control max-age=14400 accept-ranges bytes content-length 358 expires Sat, 03 Feb 2024 09:50:03 GMT
GET H2	200	j Show response rp4.liadm.com/ Redirect Chain https://rp.liadm.com/j?dtstmp=1706939403542&aid=b-00aw&se=eyJldmVudCI6ImNvbnZzZXJzaW9uIn0&duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&tv=v2.12.0&pu=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Fl... https://rp4.liadm.com/j?se=eyJldmVudCI6ImNvbnZzZXJzaW9uIn0&duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&aid=b-00aw&cd=.pastemagazine.com&dtstmp=1706939403542&tv=v2.12.0&n3pc=true&wpn=lc-bundle&i6=...	13 B 318 B	490ms 121ms	XHR application/json	18.214.207.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rp4.liadm.com/j?se=eyJldmVudCI6ImNvbnZzZXJzaW9uIn0&duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&aid=b-00aw&cd=.pastemagazine.com&dtstmp=1706939403542&tv=v2.12.0&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjU%3D&pu=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&c=PHRpdGxlPkNvbGUgQmVubmV0dCBXYW50cyB0byBDcmVhdGUgYSBDaW5lbWF0aWMgVW5pdmVyc2UgRm9yIE11c2ljPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlIGhpcC1ob3AgbXVsdGltZWRpYSB0aXRhbiBleHBsYWlucyBob3cgTHlyaWNhbCBMZW1vbmFkZSBldm9sdmVkIGZyb20gYSBibG9nIHRvIGEgYnJhbmQgd2hpbGUga2VlcGluZyB0aGUgdmlzdWFsIGVsZW1lbnQgb2YgbXVzaWMgYWxpdmUuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cucGFzdGVtYWdhemluZS5jb20vbXVzaWMvbHlyaWNhbC1sZW1vbmFkZS9jb2xlLWJlbm5ldHQtbHlyaWNhbC1sZW1vbmFkZS1pbnRlcnZpZXciPjx0aXRsZT5QYXN0ZSBNYWdhemluZTogWW91ciBHdWlkZSB0byB0aGUgQmVzdCBNdXNpYywgTW92aWVzICZhbXA7IFRWIFNob3dzPC90aXRsZT48aDEgY2xhc3M9InRpdGxlIj5Db2xlIEJlbm5ldHQgV2FudHMgdG8gQ3JlYXRlIGEgQ2luZW1hdGljIFVuaXZlcnNlIEZvciBNdXNpYzwvaDE- Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Server 18.214.207.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-214-207-120.compute-1.amazonaws.com Software / Resource Hash efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT x-pixel-event-id 1aee7790-f3ee-4bb0-8478-96132531449f access-control-allow-methods GET content-type application/json access-control-allow-origin null access-control-expose-headers * access-control-allow-credentials true content-length 13 Redirect headers location https://rp4.liadm.com/j?se=eyJldmVudCI6ImNvbnZzZXJzaW9uIn0&duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&aid=b-00aw&cd=.pastemagazine.com&dtstmp=1706939403542&tv=v2.12.0&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjU%3D&pu=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&c=PHRpdGxlPkNvbGUgQmVubmV0dCBXYW50cyB0byBDcmVhdGUgYSBDaW5lbWF0aWMgVW5pdmVyc2UgRm9yIE11c2ljPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlIGhpcC1ob3AgbXVsdGltZWRpYSB0aXRhbiBleHBsYWlucyBob3cgTHlyaWNhbCBMZW1vbmFkZSBldm9sdmVkIGZyb20gYSBibG9nIHRvIGEgYnJhbmQgd2hpbGUga2VlcGluZyB0aGUgdmlzdWFsIGVsZW1lbnQgb2YgbXVzaWMgYWxpdmUuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cucGFzdGVtYWdhemluZS5jb20vbXVzaWMvbHlyaWNhbC1sZW1vbmFkZS9jb2xlLWJlbm5ldHQtbHlyaWNhbC1sZW1vbmFkZS1pbnRlcnZpZXciPjx0aXRsZT5QYXN0ZSBNYWdhemluZTogWW91ciBHdWlkZSB0byB0aGUgQmVzdCBNdXNpYywgTW92aWVzICZhbXA7IFRWIFNob3dzPC90aXRsZT48aDEgY2xhc3M9InRpdGxlIj5Db2xlIEJlbm5ldHQgV2FudHMgdG8gQ3JlYXRlIGEgQ2luZW1hdGljIFVuaXZlcnNlIEZvciBNdXNpYzwvaDE- access-control-allow-origin https://www.pastemagazine.com date Sat, 03 Feb 2024 05:50:04 GMT access-control-expose-headers * access-control-allow-credentials true content-length 0 access-control-allow-methods GET
GET H3	200	ads-gam-a9-ow.js Show response www.pastemagazine.com/wp-content/themes/pastemagazine/js/	22 KB 6 KB	29ms 29ms	Script application/javascript	2606:4700:3108::ac42:2b60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/wp-content/themes/pastemagazine/js/ads-gam-a9-ow.js?ver=b&cb=39.2022.10209.11821.2 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2b60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adcaf8375043932c8077e929c23ce6710be87e6f86a01b4687e28968adb81856 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 19 May 2023 13:29:18 GMT server cloudflare age 572282 cf-polished origSize=45840 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3JTnkRR2QHpLcNoNy5EzwYm9T%2BFHGlGo9QfY20kYMiM6XeumULJxjMsUVoUS7rUfcL6WuC38Z6niHQMm5YJ5%2FcvMRinVv8P%2Fv1HjaDMVy78OlY1RJNhSxT7snqzApts%2FwemU%2Fav%2FGgAhDsohA5ivSTMPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 84f864e83ca85c98-FRA alt-svc h3=":443"; ma=86400
POST H2	204	collect region1.analytics.google.com/g/	0 258 B	90ms 26ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-V3K4873RKC&gtm=45je41v0v886301594za200&_p=1706939403450&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dZGIzZG&cid=59270143.1706939404&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706939403&sct=1&seg=0&dl=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&dt=Cole%20Bennett%20Wants%20to%20Create%20a%20Cinematic%20Universe%20For%20Music&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2003 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V3K4873RKC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:03 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 258 B	78ms 27ms	Ping text/plain	2a00:1450:400c:c07::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V3K4873RKC&cid=59270143.1706939404&gtm=45je41v0v886301594za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V3K4873RKC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:03 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	89ms 29ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V3K4873RKC&cid=59270143.1706939404&gtm=45je41v0v886301594za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=334668691 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	286 KB 71 KB	98ms 22ms	Script application/javascript	108.138.6.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/wp-content/themes/pastemagazine/js/ads-gam-a9-ow.js?ver=b&cb=39.2022.10209.11821.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.6.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-6-136.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 85c59056678912641d9929fea79a132b58398fe84cfbbb5fd63e892db355bde7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:14:24 GMT content-encoding gzip via 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront) last-modified Thu, 01 Feb 2024 21:58:45 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P6 age 2140 x-amz-server-side-encryption AES256 etag W/"e27d9780852534fd18cbcc0472fcbb38" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id WhPMMXxvppP8FqCLM5J4Q9Ik7QDA8U0jyw1g7DxT79AHA2HTJVB45A==
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/160494/3742/	527 KB 166 KB	77ms 21ms	Script application/javascript	184.30.16.195 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/wp-content/themes/pastemagazine/js/ads-gam-a9-ow.js?ver=b&cb=39.2022.10209.11821.2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-16-195.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 2b32c6242e7b5d41a08c9579b77c12921c5d52867367219474f4ca6206aab133 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding gzip last-modified Mon, 05 Jun 2023 18:44:31 GMT server Apache vary Accept-Encoding content-type application/javascript p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=85819 accept-ranges bytes content-length 169349 expires Sun, 04 Feb 2024 05:40:22 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	98 KB 29 KB	161ms 73ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/wp-content/themes/pastemagazine/js/ads-gam-a9-ow.js?ver=b&cb=39.2022.10209.11821.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f819284b076b2e77fc03e4e389c5267d100115dd61af58d17e1ca475c83bce75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29543 x-xss-protection 0 server cafe etag 211 / 19756 / 31080791 / config-hash: 8558731290873694684 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 03 Feb 2024 05:50:03 GMT
GET H2	200	www-player.css www.youtube.com/s/player/a1d7d0f8/ Frame 2684	359 KB 47 KB	26ms 25ms	Stylesheet text/css	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44c265654f8aa883d626e1d54a05281a91bca42ef639fde0458d5018a4ed2a1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 16:24:49 GMT content-encoding br x-content-type-options nosniff age 48314 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47527 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 01 Feb 2025 16:24:49 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 2684	15 KB 16 KB	69ms 19ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 23:26:56 GMT x-content-type-options nosniff age 109387 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 31 Jan 2025 23:26:56 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 2684	15 KB 15 KB	78ms 28ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 12:44:28 GMT x-content-type-options nosniff age 61535 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 01 Feb 2025 12:44:28 GMT
GET H2	200	embed.js Show response www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/ Frame 2684	54 KB 17 KB	38ms 36ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 667f33f3a1371bbc838e7e5be2b8cf58d243645f65f3a9ce9f0207267cb35809 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 23:43:05 GMT content-encoding br x-content-type-options nosniff age 108418 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16930 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 31 Jan 2025 23:43:05 GMT
GET H2	200	www-embed-player.js Show response www.youtube.com/s/player/a1d7d0f8/www-embed-player.vflset/ Frame 2684	318 KB 95 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bba2653a44f46ed95594b8ca06246d5b5d9df9a31fa4e4dc6fd218ba6e83a194 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 03:11:46 GMT content-encoding br x-content-type-options nosniff age 9497 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 97221 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 02 Feb 2025 03:11:46 GMT
GET H2	200	base.js Show response www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/ Frame 2684	2 MB 2 MB	40ms 39ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09e92ed4d88d04c61425987b0e20ca71df0a0ae884be15c168e83bb54ad814ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 31 Jan 2024 08:32:11 GMT x-content-type-options nosniff age 249472 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2487320 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 30 Jan 2025 08:32:11 GMT
GET H2	200	www-player.css www.youtube.com/s/player/a1d7d0f8/ Frame 39E8	359 KB 46 KB	71ms 70ms	Stylesheet text/css	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44c265654f8aa883d626e1d54a05281a91bca42ef639fde0458d5018a4ed2a1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 16:24:49 GMT content-encoding br x-content-type-options nosniff age 48314 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47527 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 01 Feb 2025 16:24:49 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 39E8	15 KB 15 KB	71ms 39ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 23:26:56 GMT x-content-type-options nosniff age 109387 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 31 Jan 2025 23:26:56 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 39E8	15 KB 15 KB	88ms 56ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 12:44:28 GMT x-content-type-options nosniff age 61535 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 01 Feb 2025 12:44:28 GMT
GET H2	200	embed.js Show response www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/ Frame 39E8	54 KB 17 KB	87ms 86ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 667f33f3a1371bbc838e7e5be2b8cf58d243645f65f3a9ce9f0207267cb35809 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 23:43:05 GMT content-encoding br x-content-type-options nosniff age 108418 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16930 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 31 Jan 2025 23:43:05 GMT
GET H2	200	www-embed-player.js Show response www.youtube.com/s/player/a1d7d0f8/www-embed-player.vflset/ Frame 39E8	318 KB 95 KB	88ms 88ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bba2653a44f46ed95594b8ca06246d5b5d9df9a31fa4e4dc6fd218ba6e83a194 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 03:11:46 GMT content-encoding br x-content-type-options nosniff age 9497 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 97221 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 02 Feb 2025 03:11:46 GMT
GET H2	200	base.js Show response www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/ Frame 39E8	2 MB 2 MB	94ms 94ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09e92ed4d88d04c61425987b0e20ca71df0a0ae884be15c168e83bb54ad814ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 31 Jan 2024 08:32:11 GMT x-content-type-options nosniff age 249472 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2487320 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 30 Jan 2025 08:32:11 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	310ms 22ms	XHR application/javascript	108.138.6.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.6.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-6-136.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog content-encoding gzip via 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront) date Sat, 03 Feb 2024 05:50:04 GMT x-amz-cf-pop FRA56-P6 age 761 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 29 Aug 2023 08:30:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id llviE68hjgCmB8ZwEfADdWsItX6Sn_KwLnMVUSsQRH0Tqg74EkxTAA==
GET H2	200	9d883dc1-db2e-4fb8-960f-4ea07f2b85d8 Show response config.aps.amazon-adsystem.com/configs/	564 B 838 B	354ms 22ms	Script application/javascript	99.86.4.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/9d883dc1-db2e-4fb8-960f-4ea07f2b85d8 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-30.fra6.r.cloudfront.net Software CloudFront / Resource Hash 5738d9f2462d318777b7291a90fb8d481a6ccec0c9ceca3be77b640137e30b81 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:45:49 GMT via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA6-C1 age 255 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 564 x-amz-cf-id TFfu06pmVr_VOV9GpcCV-e_9sb88eiNqxNnNqtqnBWi9ITv0OoHgrQ==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 314 B	21ms 21ms	XHR text/plain	108.138.6.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.pastemagazine.com&pubid=9d883dc1-db2e-4fb8-960f-4ea07f2b85d8 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.6.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-6-136.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 01:21:52 GMT via 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 age 16091 x-cache Hit from cloudfront access-control-allow-origin https://www.pastemagazine.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id phzzQy2l9sANZ4plD6mvDGARYpTFslpSyZUzw-qGRsHQcZ7srscdKA==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 361 B	137ms 58ms	XHR text/javascript	18.245.47.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&pid=nGpSPdDuMDP0w&cb=0&ws=1600x1200&v=24.129.1645&t=500&slots=%5B%7B%22sd%22%3A%22top_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Ftop_leaderboard%22%7D%2C%7B%22sd%22%3A%22above_logo%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fabove_logo%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_1%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_2%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_3%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_4%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_5%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_5%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_6%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_6%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_7%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_7%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_8%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_8%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_9%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_9%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_10%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_10%22%7D%2C%7B%22sd%22%3A%22top_rectangle%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Ftop_rectangle%22%7D%2C%7B%22sd%22%3A%22middle_rectangle%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmiddle_rectangle%22%7D%2C%7B%22sd%22%3A%22bottom_rectangle%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fbottom_rectangle%22%7D%2C%7B%22sd%22%3A%22bottom_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fbottom_leaderboard%22%7D%5D&pubid=9d883dc1-db2e-4fb8-960f-4ea07f2b85d8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.47.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-47-29.fra56.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:03 GMT via 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P9 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.pastemagazine.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id 7fejvLx6XZMRf-pJcupyBjGB47K7YzWAGMcpnMPBKh61FYghoIAaiw==
GET H2	200	floors.json Show response ads.pubmatic.com/AdServer/js/pwt/floors/160494/3743/	5 KB 949 B	69ms 28ms	XHR application/json	184.30.16.195 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/floors/160494/3743/floors.json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-16-195.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 54a97cee4159137bfc2ac9ac2ec2b39c176c4379e322bce23931caaaf35a9388 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers date Sat, 03 Feb 2024 05:50:03 GMT content-encoding gzip last-modified Fri, 02 Feb 2024 16:58:27 GMT server Apache vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" access-control-allow-origin * content-type application/json cache-control public, max-age=7359 access-control-allow-credentials true accept-ranges bytes content-length 543 expires Sat, 03 Feb 2024 07:52:42 GMT
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 2684 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	27ms 26ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Protocol H3 Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 094bf8adc5e9961fd24ea4f48ef3ab4d29d43b9d37bebea8fda3120fd58c38d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 03 Feb 2024 05:50:03 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 2684	29 B 495 B	63ms 18ms	Script text/javascript	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:41:44 GMT x-content-type-options nosniff age 499 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 03 Feb 2024 05:56:44 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	72ms 25ms	Preflight text/html	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Sat, 03 Feb 2024 05:50:04 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2684	87 KB 40 KB	35ms 32ms	XHR application/json+protobuf	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e6bedb72e40c2ba972814911e6d6c284cb31e26ea2e24695e26224a43e2e375e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json+protobuf Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 40732 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/ Frame 2684	117 KB 33 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 32569540cca82cee28bd9a023f5438d89122ee024b0fd8c8cb2c96778d8954f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 31 Jan 2024 08:32:12 GMT content-encoding br x-content-type-options nosniff age 249471 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33870 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 30 Jan 2025 08:32:12 GMT
GET H2	200	GmRahjSf3JbDLJ_8drlGuzLn-semBsnMOpTLfEePKCI.js Show response www.google.com/js/th/ Frame 2684	51 KB 20 KB	68ms 21ms	Script text/javascript	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/GmRahjSf3JbDLJ_8drlGuzLn-semBsnMOpTLfEePKCI.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a645a86349fdc96c32c9ffc76b946bb32e7fac7a606c9cc3a94cb7c478f2822 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 19:44:45 GMT content-encoding br x-content-type-options nosniff age 36319 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19865 x-xss-protection 0 last-modified Mon, 15 Jan 2024 10:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 01 Feb 2025 19:44:45 GMT
GET H2	200	sddefault.jpg i.ytimg.com/vi/JdXubSf5YUc/ Frame 2684	41 KB 42 KB	68ms 19ms	Image image/jpeg	2a00:1450:4001:81c::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi/JdXubSf5YUc/sddefault.jpg Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4181d3a234594e67b7ec0e21922fb39eee0af9be2f2328a418af4a9ecdfdf10f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 04:49:56 GMT x-content-type-options nosniff age 3608 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42449 x-xss-protection 0 server sffe etag "1695888587" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 03 Feb 2024 06:49:56 GMT
GET DATA	200 OK	truncated / Frame 2684	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type image/png
GET H2	200	V45RdYGg9Y3b0fyZqbPY8fdvHa40tHNup5zd048sYFXL1eiVkIOIbNv-AXk12H2ljHl338kUwto=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame 2684	2 KB 3 KB	67ms 18ms	Image image/jpeg	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/V45RdYGg9Y3b0fyZqbPY8fdvHa40tHNup5zd048sYFXL1eiVkIOIbNv-AXk12H2ljHl338kUwto=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash b576207161d6c60218516683872e7b9c68ed1d87194b8a49f5351f646c1b9724 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 01:51:01 GMT x-content-type-options nosniff age 14343 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2440 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sun, 04 Feb 2024 01:51:01 GMT
GET H2	200	topics_frame.html Show response ads.pubmatic.com/AdServer/js/topics/ Frame 1D4A	2 KB 1 KB	20ms 20ms	Document text/html	184.30.16.195 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-16-195.deploy.static.akamaitechnologies.com Software Apache / Resource Hash c16a536e9381a97c5d473a2b70aa9057bceebe38f05bb7d90360c96bff579033 Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=81408 content-encoding gzip content-length 859 content-type text/html date Sat, 03 Feb 2024 05:50:04 GMT expires Sun, 04 Feb 2024 04:26:52 GMT last-modified Tue, 21 Mar 2023 05:02:13 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
POST H2	400	/ Show response ow.pubmatic.com/cookie_sync/	120 B 268 B	140ms 48ms	XHR text/plain	185.64.189.116 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://ow.pubmatic.com/cookie_sync/?sec=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.pastemagazine.com date Sat, 03 Feb 2024 05:50:04 GMT access-control-allow-credentials true x-content-type-options nosniff content-length 120 content-type text/plain; charset=utf-8
POST H2	200	auction Show response ow.pubmatic.com/pbs/openrtb2/	257 B 345 B	144ms 59ms	XHR application/json	185.64.189.116 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://ow.pubmatic.com/pbs/openrtb2/auction Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 0f89bd14efedb11a2c21ca3dcf11cc88fff8d67421211a9e2af8eddffad27791 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.pastemagazine.com date Sat, 03 Feb 2024 05:50:04 GMT access-control-allow-credentials true content-length 257 content-type application/json
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	2 KB 4 KB	411ms 319ms	XHR application/json	2602:803:c004:200::140 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17188&site_id=273474&zone_id=1364258&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&p_pos=atf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf&eid_pubcid.org=4f40d672-25c4-4183-add4-ac7079705fcc%5E1&rf=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&tg_i.page=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&tg_i.domain=pastemagazine.com&tg_i.pbadslot=top_leaderboard%3Bmid_leaderboard_rectangle_1%3Bmid_leaderboard_rectangle_2%3Bmid_leaderboard_rectangle_3%3Bmid_leaderboard_rectangle_4%3Bmid_leaderboard_rectangle_5%3Bmid_leaderboard_rectangle_6%3Bmid_leaderboard_rectangle_7%3Bmid_leaderboard_rectangle_8%3Bmid_leaderboard_rectangle_9&tk_flint=pbjs_lite_v7.39.0&x_source.tid=95813317-3e7d-44ff-9f6e-e9b8af5cd675%3B9aa5e263-1018-4705-b77c-d9d98cab7c2d%3Bbd30b4d4-3e4d-41a2-8d30-0cf8fb560297%3B1378760b-2245-4a28-9441-935dd4bb431b%3Be7bd71c3-112f-47f9-bd4d-da6db1c6a2ca%3B46018981-6b18-4ba0-af25-bfddd8886bed%3B2b45c68e-84fe-4e8c-a625-85f8b5806aab%3Baa1f6da3-93ba-4d02-9f02-1d24bd42daf0%3Bd199a68f-2644-40ae-bebd-ee3811a4892c%3Bbc8875fe-5b76-4029-80de-46e8094b00d3&l_pb_bid_id=50646f7fa7b182d%3B51e70390105d53a%3B52d1d57c28ba2f5%3B53b162960b82a9e%3B5415469eebe2897%3B55f6cba4a5dffca%3B56a0db2886acc66%3B578d9d9fb71a716%3B58fd13e5a0aa882%3B59b55b598baa37c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=10&rand=0.950497079000648 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 295c3f43ca9437d440c5b3acc73583a873ccdff854c3abce651d11f8e59bea94 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	1 KB 2 KB	226ms 134ms	XHR application/json	2602:803:c004:200::140 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17188&site_id=273474&zone_id=1364258&size_id=15%3B15%3B15%3B15%3B2&alt_size_ids=%3B10%3B%3B10%3B&p_pos=btf%3Bbtf%3Bbtf%3Batf%3Batf&eid_pubcid.org=4f40d672-25c4-4183-add4-ac7079705fcc%5E1&rf=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&tg_i.page=https%3A%2F%2Fwww.pastemagazine.com%2Fmusic%2Flyrical-lemonade%2Fcole-bennett-lyrical-lemonade-interview%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D460761_02.02.24_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C9VIX%2C3D2TUT%2C1EYLC%2C0&tg_i.domain=pastemagazine.com&tg_i.pbadslot=mid_leaderboard_rectangle_10%3Btop_rectangle%3Bmiddle_rectangle%3Bbottom_rectangle%3Bbottom_leaderboard&tk_flint=pbjs_lite_v7.39.0&x_source.tid=d07a517a-244c-41fe-936b-f87c3b1b555b%3B677a651d-aaa7-4553-9e18-7e1056d6e928%3B6c0305ac-b669-4c7f-9871-ffb2d7c9fcc4%3B73556d6d-4b1d-488c-b304-847c4ec5de4b%3Bc1f6a486-430e-4e54-a6b0-c04bf1ce1a11&l_pb_bid_id=60781a6460a5f88%3B614666a5164ffc8%3B6260ac1ebda181c%3B6327d120023711a%3B64c6ae7303a6dc1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=5&rand=0.8593698302255695 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash fe57c2eec797383306a8b4b8604ce21a7532ca949bb538d1e1c115ec6f04c143 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 117 B	136ms 62ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=361 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.pastemagazine.com date Sat, 03 Feb 2024 05:50:03 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	204	25 Show response web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/	0 219 B	146ms 36ms	XHR text/plain	2a02:fa8:8806:12::1460 VCLK-EU-SE
General Check archive.org Show headers Download Go to Full URL https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:04 GMT server nginx accept-ch Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness access-control-allow-origin https://www.pastemagazine.com cache-control no-cache access-control-allow-credentials true expires 0
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 39E8 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	27ms 26ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H3 Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 91637bf45a4c4bb3f65e0713458ebd0b951382acd54db7662ce70d11fe477c1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 03 Feb 2024 05:50:04 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 39E8	29 B 92 B	24ms 20ms	Script text/javascript	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:41:44 GMT x-content-type-options nosniff age 500 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 03 Feb 2024 05:56:44 GMT
OPTIONS H3	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	27ms 26ms	Preflight text/html	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Sat, 03 Feb 2024 05:50:04 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 39E8	87 KB 40 KB	35ms 34ms	XHR application/json+protobuf	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f7c451b9a99f258417bd3fc9d5631dc7533387303a836067589929522f20a256 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json+protobuf Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 40747 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/ Frame 39E8	117 KB 33 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 32569540cca82cee28bd9a023f5438d89122ee024b0fd8c8cb2c96778d8954f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 31 Jan 2024 08:32:12 GMT content-encoding br x-content-type-options nosniff age 249472 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33870 x-xss-protection 0 last-modified Wed, 31 Jan 2024 05:17:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 30 Jan 2025 08:32:12 GMT
GET H2	200	GmRahjSf3JbDLJ_8drlGuzLn-semBsnMOpTLfEePKCI.js Show response www.google.com/js/th/ Frame 39E8	51 KB 19 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/GmRahjSf3JbDLJ_8drlGuzLn-semBsnMOpTLfEePKCI.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a645a86349fdc96c32c9ffc76b946bb32e7fac7a606c9cc3a94cb7c478f2822 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 19:44:45 GMT content-encoding br x-content-type-options nosniff age 36319 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19865 x-xss-protection 0 last-modified Mon, 15 Jan 2024 10:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 01 Feb 2025 19:44:45 GMT
GET H2	200	sddefault.webp i.ytimg.com/vi_webp/Sh0bCn9Iaik/ Frame 39E8	24 KB 24 KB	20ms 20ms	Image image/webp	2a00:1450:4001:81c::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/Sh0bCn9Iaik/sddefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85f4ecf71dfa5406b7dc042efadf36cad0423a60ae619a2608da32a6c4f7d3cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 04:53:56 GMT x-content-type-options nosniff age 3368 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24822 x-xss-protection 0 server sffe etag "1706487903" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 03 Feb 2024 06:53:56 GMT
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2684	90 B 134 B	31ms 31ms	XHR application/json+protobuf	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 35775b1ca85b6a7d32f03ba26b0f4435eae1af269458496ca1129370aab75786 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json+protobuf Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110 x-xss-protection 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	26ms 26ms	Preflight text/html	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Sat, 03 Feb 2024 05:50:04 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET DATA	200 OK	truncated / Frame 39E8	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type image/png
GET H2	200	V45RdYGg9Y3b0fyZqbPY8fdvHa40tHNup5zd048sYFXL1eiVkIOIbNv-AXk12H2ljHl338kUwto=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame 39E8	2 KB 2 KB	19ms 18ms	Image image/jpeg	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/V45RdYGg9Y3b0fyZqbPY8fdvHa40tHNup5zd048sYFXL1eiVkIOIbNv-AXk12H2ljHl338kUwto=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash b576207161d6c60218516683872e7b9c68ed1d87194b8a49f5351f646c1b9724 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 01:51:01 GMT x-content-type-options nosniff age 14343 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2440 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sun, 04 Feb 2024 01:51:01 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/	436 KB 136 KB	19ms 18ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 17:34:01 GMT content-encoding br x-content-type-options nosniff age 44163 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 139565 x-xss-protection 0 server cafe etag 12534472742743793976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 01 Feb 2025 17:34:01 GMT
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	36ms 35ms	Preflight text/html	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Sat, 03 Feb 2024 05:50:04 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 39E8	90 B 134 B	30ms 30ms	XHR application/json+protobuf	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f6b483746ba35aa6892bb91452a412758d4d2465b0dc6631c5bd99ebc2406789 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json+protobuf Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110 x-xss-protection 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 2684	4 KB 2 KB	81ms 34ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 03 Feb 2024 05:50:04 GMT
GET H3	204	generate_204 www.youtube.com/ Frame 2684	0 10 B	21ms 20ms	Image text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?lMAO0g Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 39E8	4 KB 2 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 03 Feb 2024 05:50:04 GMT
GET H3	204	generate_204 www.youtube.com/ Frame 39E8	0 10 B	20ms 19ms	Image text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?gcfvVg Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	1225956 Show response fundingchoicesmessages.google.com/i/	183 KB 61 KB	124ms 63ms	Script application/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/1225956?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5189e303de1602aee94e0a2f43c77a5b97665e1a4d06aac7764c059dc87025c2 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Ys2QwLY_hM8e0FyoKg-GvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-security-policy script-src 'report-sample' 'nonce-Ys2QwLY_hM8e0FyoKg-GvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjusKoxSXF4KQhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZeL6-ZJIAYg0gfif5iukbEO_w8WB5Ez6dlStiOitbxXRWPiCOq5vOmgfEfOums-qun8665cx01j1AHPN8OmsKEC9mncG6GoinBM5gnQPELdFANhA7pc9gDQLiz5kzWH8DsU_9DNYYIC67fY61DoiF5c6zSgOxEA9Hz4rva9kEOvbuu8QEACW1Xrc" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 580D	52 KB 17 KB	88ms 22ms	Document text/html	151.101.129.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Age 1377 Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Sat, 03 Feb 2024 05:50:04 GMT ETag W/"623de86a-cf34" Expires Thu, 18 Jan 2024 05:26:34 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding Via 1.1 varnish, 1.1 varnish X-Cache HIT, HIT X-Cache-Hits 328, 5594 X-Served-By cache-lga21982-LGA, cache-fra-eddf8230086-FRA X-Timer S1706939405.686967,VS0,VE0
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 83E7	16 KB 6 KB	21ms 20ms	Document text/html	184.30.16.195 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160494 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-16-195.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652 Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=129765 content-encoding gzip content-length 5622 content-type text/html date Sat, 03 Feb 2024 05:50:04 GMT expires Sun, 04 Feb 2024 17:52:49 GMT last-modified Thu, 16 Nov 2023 09:11:44 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 0A82	281 B 555 B	76ms 17ms	Document text/html	184.30.22.30 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-22-30.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Sat, 03 Feb 2024 05:50:04 GMT ETag "280524-119-60b38417c4040" Last-Modified Tue, 28 Nov 2023 15:41:45 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding
GET H2	200	ixmatch.html Show response js-sec.indexww.com/um/ Frame C894	3 KB 2 KB	74ms 26ms	Document text/html	104.18.38.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 481 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 84f864ef2aa75902-TXL content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 03 Feb 2024 05:50:04 GMT expires Sat, 03 Feb 2024 09:50:04 GMT last-modified Mon, 25 Jul 2022 19:18:19 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/121/ Frame 2684	50 KB 14 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/121/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 17:33:00 GMT content-encoding gzip x-content-type-options nosniff age 44224 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14705 x-xss-protection 0 last-modified Mon, 27 Nov 2023 16:05:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Sat, 03 Feb 2024 17:33:00 GMT
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/121/ Frame 39E8	50 KB 14 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/121/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 17:33:00 GMT content-encoding gzip x-content-type-options nosniff age 44224 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14705 x-xss-protection 0 last-modified Mon, 27 Nov 2023 16:05:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Sat, 03 Feb 2024 17:33:00 GMT
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 83E7	0 42 B	133ms 33ms	Script text/plain	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49099103&p=160494&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160494 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-length 0
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 0A82	39 KB 11 KB	18ms 18ms	Script text/html	184.30.22.30 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-22-30.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 0ac583617d83445a7c08fda8fa4a40a2ecceac17b08d5cdae6aaa143b1645ff1 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Sat, 03 Feb 2024 05:50:04 GMT Content-Encoding gzip Last-Modified Sat, 03 Feb 2024 04:11:43 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=80505 Connection keep-alive Content-Length 10919 Expires Sun, 04 Feb 2024 04:11:49 GMT
GET H2	200	usermatch Show response ssum-sec.casalemedia.com/ Frame 4E29 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1	2 KB 841 B	49ms 48ms	Document text/html	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ea2e1d477a568f069b3964e1919f227c6fdb0d870465f46e28d3f772b31fed4 Request headers Referer https://js-sec.indexww.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 84f864f07b0f4480-TXL content-encoding br content-type text/html date Sat, 03 Feb 2024 05:50:04 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oB0jJrm0%2F3P2irjH2%2FVwVUsXUeAoNpKWzsZ7TdjUVTpREGxC3HDXAUBPSJqBc2f7xTmZByiI8Leuev2yGXcKwrACReLL%2Bjgytirhl2tM1jXsNRs4AyZDn2IKAhMlIIoQ%2BWT3A4syLmVnzQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 84f864efba104480-TXL content-length 0 date Sat, 03 Feb 2024 05:50:04 GMT expires 0 location /usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BLOHR0Z8dBX922IZSmQG7GOmjEsoWXn4BqQr%2B9p5R2zJyhj79COJYEWjPf3jxFxNQ1FNJSUwUdyfObFcgCjGvryj72kSCMoM1AuWLDi1fE4PweZOCe7KouIgjc4csIJ5jE2lfWiHcw05A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	bounce Show response ib.adnxs.com/ Frame 580D Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 970 B	30ms 30ms	Script text/html	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:04 GMT an-x-request-uuid b2e29100-fc26-4d86-8663-73ab3c23d138 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 03 Feb 2024 05:50:04 GMT an-x-request-uuid 29132470-44b2-4bae-a53b-a82ea2c30be7 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels cache-control no-store, no-cache, private x-proxy-origin 217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	khaos.json Show response token.rubiconproject.com/ Frame 0A82	7 B 380 B	205ms 24ms	XHR application/json	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://token.rubiconproject.com/khaos.json? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type application/json; charset=UTF-8 access-control-allow-origin https://eus.rubiconproject.com Cache-Control no-cache,no-store,must-revalidate access-control-allow-credentials true content-length 7 X-RPHost 1f4afaf10c6b5898421df1cdca3fc7f5 Expires 0
GET H2	200	AGSKWxWoQQ39_ZIsWjZO3GXrbGM9ujDwBa5fwctccC4y_nItnuGF03Tpxzf5ZiWW28qmyVnehvwhQ3APsvrX3wL0T22-UbmN72727GFeWUMJ_Quh6r3XAPFCdhXXVtg0B83LM76kk-48Zw== Show response fundingchoicesmessages.google.com/f/	401 KB 61 KB	161ms 157ms	Script application/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWoQQ39_ZIsWjZO3GXrbGM9ujDwBa5fwctccC4y_nItnuGF03Tpxzf5ZiWW28qmyVnehvwhQ3APsvrX3wL0T22-UbmN72727GFeWUMJ_Quh6r3XAPFCdhXXVtg0B83LM76kk-48Zw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2OTM5NDA0LDc4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucGFzdGVtYWdhemluZS5jb20vbXVzaWMvbHlyaWNhbC1sZW1vbmFkZS9jb2xlLWJlbm5ldHQtbHlyaWNhbC1sZW1vbmFkZS1pbnRlcnZpZXciLG51bGwsW1s4LCJSVXJaQmprQU9SayJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMz5VRiJy9OwG--o2Sg4RI-wGtUBww/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3226b377fd77495e15c8ebe68a162faf20405eebc739e78e16df51a653af4b65 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Lfh_jLXppMAKrDy69LhIAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT content-security-policy script-src 'report-sample' 'nonce-Lfh_jLXppMAKrDy69LhIAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KQhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZeL6-ZJIAYg0gfif5iukbEO_w8WB5Ez6dlStiOitbxXRWPiCOq5vOmgfEfOums-qun8665cx01j1AHPN8OmsKEC9mncG6GoinBM5gnQPELdFANhA7pc9gDQLiz5kzWH8DsW_9DNZYIC67fY61DoiF5c6zSgOxEA9Hz4rva9kEFlz4vpMZACWLXwM" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	b-00aw Show response i.liadm.com/s/c/ Frame 3261	1 KB 1 KB	521ms 133ms	Document text/html	107.21.138.225 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://i.liadm.com/s/c/b-00aw?duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&euns=0&s=&version=v2.12.0&cd=.pastemagazine.com Requested by Host: b-code.liadm.com URL: https://b-code.liadm.com/b-00aw.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-21-138-225.compute-1.amazonaws.com Software / Resource Hash ae79b37ab5c9c8703f5788b3eca5fd3ffef0ead4e54f36171d817a92e0c9e78f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control private, no-cache, max-age=0 Connection keep-alive Content-Encoding gzip Content-Length 686 Content-Type text/html; charset=UTF-8 Date Sat, 03 Feb 2024 05:50:05 GMT Request-Time 12 Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding
GET H3	200	usermatchredir ssum-sec.casalemedia.com/ Frame 4E29 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP6g4kEgwQvgeB1y9BhzseU&google_cver=1	43 B 738 B	52ms 51ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP6g4kEgwQvgeB1y9BhzseU&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RINBas6nMXuabDzPxWYdzQ%2BY6BGkOr4kOfNRHRf3Bso3Fgh0i%2Fao%2BdoxDJ%2FRPiUHYRf%2B2J3CPzaHIUzV280mQmnzarYUs8HYtPVn4H5ooVaD6a1cmu0CD%2F%2BQISzNENHs5ApkXyreYETiHg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84f864f1cae644fe-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP6g4kEgwQvgeB1y9BhzseU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 364 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame 4E29 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Zb3UDNBwDdMu3Vk8OSvCMAAA https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Zb3UDNBwDdMu3Vk8OSvCMAAA&google_tc= https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPiWUwu3zKBj66yxSULMBz8&google_cver=1	43 B 738 B	48ms 47ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPiWUwu3zKBj66yxSULMBz8&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGedn3BLRyl83SPsMKlAPmIvM%2BLOO1U1f6ZbymIEPYRQMhnivGwuGDDRJOn%2BG4XdxzAtHXOSz6Ok%2FUPiqqgNHMEPnBPSiwZP%2BrBY0ZoRmjgC7cFHPSdfUcvG5ePg0evIWjyaUjwjcr%2BxlQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84f864f1cae444fe-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPiWUwu3zKBj66yxSULMBz8&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 4E29	70 B 149 B	157ms 48ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:05 GMT server Kestrel content-length 70 content-type image/gif
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 4E29 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gpp=&gpp_sid= https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gpp=&gpp_sid=&dcc=t	43 B 855 B	126ms 126ms	Image image/gif	52.46.143.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gpp=&gpp_sid=&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Pragma no-cache Date Sat, 03 Feb 2024 05:50:05 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid NE303BDM6YBPDKKPWEQZ Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 03 Feb 2024 05:50:05 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid J24ZTNS7V12F1JMVSZMX Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zb3UDNBwDdMu3Vk8OSvCMAAAFFMAAAAB&gpp=&gpp_sid=&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame 4E29 Redirect Chain https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=20F0EE997A5049BEBCFB55D27ED55E55	43 B 770 B	47ms 47ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=20F0EE997A5049BEBCFB55D27ED55E55 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5uumGdFDZorVenYVSQ2UtRqeEbQHcc1EAMfdivFwEwH79pfkakkHsMJPV5QVeMHB%2B%2FgICYY%2FjA1JcGqkLjDKP4TCjq5NnBnhup68DGK4B5Y1BoBpRsryli83q8SVGfpwW6rZBVse8FRKg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84f864f17a8d44fe-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers date Sat, 03 Feb 2024 05:50:05 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=20F0EE997A5049BEBCFB55D27ED55E55 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 02 Feb 2024 05:50:05 GMT
GET H/1.1	200 OK	ie match.prod.bidr.io/cookie-sync/ Frame 4E29	43 B 433 B	184ms 42ms	Image image/gif	52.211.13.166 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.prod.bidr.io/cookie-sync/ie Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.13.166 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-13-166.eu-west-1.compute.amazonaws.com Software gunicorn / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache Date Sat, 03 Feb 2024 05:50:05 GMT strict-transport-security max-age=2592000; includeSubDomains Server gunicorn content-type image/gif p3p CP="This is not a P3P policy! See https://beeswax.com/privacy for more info." cache-control no-cache, must-revalidate Connection keep-alive Content-Length 43 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame 4E29 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BasiOBRR1Rw8UJ5	43 B 733 B	47ms 46ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BasiOBRR1Rw8UJ5 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPoZH0YhCcokjGDbQe1XYmdfUdinoCgoe2ejP5sUJ%2BP1WlmxJo3ExRbi5XAjLpDm9jPg0E%2Bw7B4V6VzXui0FwV6cTiVYgzAy9O3ug34wXTE%2FKhkPhMQZUJ5JZBWQC74yExYmlBNGA1X00A%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84f864f1bac744fe-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers Pragma no-cache Date Sat, 03 Feb 2024 05:50:04 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-0e43c5f7c900ed44a@eu-central-1b@dxedge-app-eu-central-1-prod-asg Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BasiOBRR1Rw8UJ5 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	pixelSync pixel-sync.sitescout.com/dmp/ Frame 4E29	0 187 B	127ms 32ms	Image text/plain	98.98.134.243 ZEN-ECN
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software A / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" pragma no-cache date Sat, 03 Feb 2024 05:50:04 GMT cache-control max-age=0,no-cache,no-store server A expires Tue, 11 Oct 1977 12:34:56 GMT
GET H2	200	htw-pixel.gif cdn.indexww.com/ht/ Frame 4E29	43 B 229 B	34ms 24ms	Image image/gif	104.18.38.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.indexww.com/ht/htw-pixel.gif?Zb3UDNBwDdMu3Vk8OSvCMAAA%265203 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:04 GMT cf-cache-status HIT last-modified Tue, 24 Jan 2017 19:36:04 GMT server cloudflare age 79587 etag "761e21-2b-546dc3a097100" vary Accept-Encoding content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" edge-control cache-maxage=1h cache-control public, max-age=86400 accept-ranges bytes cf-ray 84f864f0ecee5902-TXL content-length 43 expires Sun, 04 Feb 2024 05:50:04 GMT
GET H2	200	css fonts.googleapis.com/	105 KB 6 KB	86ms 36ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxyli0GUH1qw5S5ieLhzZRcHATUTw/m=web_iab_tcf_v2_wall_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 03 Feb 2024 05:50:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 03 Feb 2024 05:50:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 03 Feb 2024 05:50:05 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	20ms 18ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pastemagazine.com/ Origin https://www.pastemagazine.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 30 Jan 2024 19:10:32 GMT x-content-type-options nosniff age 297573 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 29 Jan 2025 19:10:32 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v140/	125 KB 126 KB	30ms 30ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pastemagazine.com/ Origin https://www.pastemagazine.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 30 Jan 2024 02:19:49 GMT x-content-type-options nosniff age 358216 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Tue, 07 Mar 2023 19:51:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 29 Jan 2025 02:19:49 GMT
POST H3	204	AGSKWxXLR1gl914Jv9x7YDYl_sfSOjzW5vwVxgKUuxPCUu3gPz0Hia0xJUeXRzlc8VTWr_1YXs3OuFJ5xN89ruWYjknFgqg3mF4UJqWvEGWkppBBTvoIGmL-vwl0YzMqV_Wr524kytdXIQ== Show response fundingchoicesmessages.google.com/el/	0 29 B	70ms 30ms	XHR text/html	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXLR1gl914Jv9x7YDYl_sfSOjzW5vwVxgKUuxPCUu3gPz0Hia0xJUeXRzlc8VTWr_1YXs3OuFJ5xN89ruWYjknFgqg3mF4UJqWvEGWkppBBTvoIGmL-vwl0YzMqV_Wr524kytdXIQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMz5VRiJy9OwG--o2Sg4RI-wGtUBww/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-k1pWkUEfPlOeKOu4OeRY0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers date Sat, 03 Feb 2024 05:50:05 GMT content-security-policy script-src 'report-sample' 'nonce-k1pWkUEfPlOeKOu4OeRY0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWFjuPKs0EAtxc_Su-L6WTWDFxD9KAMT1Ihc" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://www.pastemagazine.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	451	501709.gif idsync.rlcdn.com/ Frame 3261 Redirect Chain https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=407b559f-8bdb-47a1-b809-285d020652e9 https://p.rfihub.com/cm?pub=39342&in=1&userid=95eb1e9b-63a9-47ad-81e1-e13e3cddb303%3A1706939405.6893232&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D95eb1e9b-63a9-47ad-81e1-e13e3cd... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329530210702247&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D95eb1e9b-63a9-47ad-81... https://idsync.rlcdn.com/501709.gif?partner_uid=95eb1e9b-63a9-47ad-81e1-e13e3cddb303%3A1706939405.6893232&_=1706939405.6917973	0 98 B	80ms 28ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=95eb1e9b-63a9-47ad-81e1-e13e3cddb303%3A1706939405.6893232&_=1706939405.6917973 Requested by Host: i.liadm.com URL: https://i.liadm.com/s/c/b-00aw?duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&euns=0&s=&version=v2.12.0&cd=.pastemagazine.com Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://i.liadm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:06 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Sat, 03 Feb 2024 05:50:06 GMT via 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=95eb1e9b-63a9-47ad-81e1-e13e3cddb303%3A1706939405.6893232&_=1706939405.6917973 content-length 447 x-amz-cf-id xSg1JmtQaYKv_qlcPbPi9t89s5gVR6gLXoYCNlIvUhA8yMUYkr8kDw==
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 3261	43 B 363 B	82ms 24ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ Requested by Host: i.liadm.com URL: https://i.liadm.com/s/c/b-00aw?duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&euns=0&s=&version=v2.12.0&cd=.pastemagazine.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://i.liadm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:04 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 205653 expires Sat, 03 Feb 2024 00:00:00 GMT
GET H2	200	live_intent_sync x.dlx.addthis.com/e/ Frame 3261 Redirect Chain https://x.dlx.addthis.com/e/live_intent_sync?na_exid=407b559f-8bdb-47a1-b809-285d020652e9 https://x.dlx.addthis.com/e/live_intent_sync?na_exid=407b559f-8bdb-47a1-b809-285d020652e9&rd=Y	43 B 594 B	195ms 195ms	Image image/gif	69.192.160.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/live_intent_sync?na_exid=407b559f-8bdb-47a1-b809-285d020652e9&rd=Y Requested by Host: i.liadm.com URL: https://i.liadm.com/s/c/b-00aw?duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&euns=0&s=&version=v2.12.0&cd=.pastemagazine.com Protocol H2 Server 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a69-192-160-219.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://i.liadm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers expires Sat, 03 Feb 2024 05:50:05 GMT pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 43 content-type image/gif Redirect headers location https://x.dlx.addthis.com/e/live_intent_sync?na_exid=407b559f-8bdb-47a1-b809-285d020652e9&rd=Y pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 0 expires Sat, 03 Feb 2024 05:50:05 GMT
GET H2	200	demconf.jpg dpm.demdex.net/ Frame 3261 Redirect Chain https://dpm.demdex.net/ibs:dpid=127444&dpuuid=407b559f-8bdb-47a1-b809-285d020652e9 https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=407b559f-8bdb-47a1-b809-285d020652e9	42 B 717 B	45ms 45ms	Image image/gif	46.51.203.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=407b559f-8bdb-47a1-b809-285d020652e9 Requested by Host: i.liadm.com URL: https://i.liadm.com/s/c/b-00aw?duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&euns=0&s=&version=v2.12.0&cd=.pastemagazine.com Protocol H2 Server 46.51.203.213 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-46-51-203-213.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://i.liadm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers dcs dcs-prod-irl1-1-v054-097c24447.edge-irl1.demdex.com 1 ms pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid hEuw0VI2QqQ= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-1-v054-0de8db4a5.edge-irl1.demdex.com 0 ms pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid 8i5iipC/Ssc= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=407b559f-8bdb-47a1-b809-285d020652e9 cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame 3261 Redirect Chain https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3639525877753654479 https://x.bidswitch.net/sync?ssp=liveintent&user_id=407b559f-8bdb-47a1-b809-285d020652e9	43 B 235 B	175ms 41ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=liveintent&user_id=407b559f-8bdb-47a1-b809-285d020652e9 Requested by Host: i.liadm.com URL: https://i.liadm.com/s/c/b-00aw?duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&euns=0&s=&version=v2.12.0&cd=.pastemagazine.com Protocol HTTP/1.1 Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://i.liadm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Sat, 03 Feb 2024 05:50:05 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/sync?ssp=liveintent&user_id=407b559f-8bdb-47a1-b809-285d020652e9 Date Sat, 03 Feb 2024 05:50:05 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 0 Request-Time 3
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame 3261	70 B 148 B	48ms 47ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 Requested by Host: i.liadm.com URL: https://i.liadm.com/s/c/b-00aw?duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&euns=0&s=&version=v2.12.0&cd=.pastemagazine.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://i.liadm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:05 GMT server Kestrel content-length 70 content-type image/gif
GET H/1.1	200 OK	img sync.mathtag.com/sync/ Frame 3261 Redirect Chain https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=4483171876162129882&gdpr=0 https://sync.mathtag.com/sync/img?mt_exid=36&407b559f-8bdb-47a1-b809-285d020652e9	43 B 589 B	595ms 306ms	Image image/gif	216.200.232.253 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://sync.mathtag.com/sync/img?mt_exid=36&407b559f-8bdb-47a1-b809-285d020652e9 Requested by Host: i.liadm.com URL: https://i.liadm.com/s/c/b-00aw?duid=6f8b055d5004--01hnpr8k8m2pdy3yfp6pmp7snt&euns=0&s=&version=v2.12.0&cd=.pastemagazine.com Protocol HTTP/1.1 Server 216.200.232.253 , United States, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MT3 1469 c412d14 master ord ord-pixel-x48 config_version:"1942" / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://i.liadm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Sat, 03 Feb 2024 05:50:06 GMT Server MT3 1469 c412d14 master ord ord-pixel-x48 config_version:"1942" Content-Type image/gif Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 43 Expires Sat, 03 Feb 2024 05:50:05 GMT Redirect headers Location https://sync.mathtag.com/sync/img?mt_exid=36&407b559f-8bdb-47a1-b809-285d020652e9 Date Sat, 03 Feb 2024 05:50:05 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 0 Request-Time 2
GET H2	200	async_usersync Show response ib.adnxs.com/ Frame 580D	0 919 B	31ms 31ms	Script text/html	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:05 GMT an-x-request-uuid 0bb14640-9073-43a7-a91b-3481f0d562ea server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 cache-control no-store, no-cache, private x-proxy-origin 217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 2684	28 B 54 B	36ms 36ms	XHR application/json	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 X-Goog-Request-Time 1706939406016 Content-Type application/json X-YouTube-Utc-Offset 60 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/JdXubSf5YUc?si=4KFLak54X1vsvW4K X-YouTube-Client-Version 1.20240130.01.00 X-YouTube-Time-Zone Europe/Berlin X-Goog-Visitor-Id Cgt1ZlpmQU5lWWtFcyiLqPetBjIKCgJERRIEEgAgQg%3D%3D X-YouTube-Ad-Signals dt=1706939403687&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image Response headers date Sat, 03 Feb 2024 05:50:06 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0 expires Sat, 03 Feb 2024 05:50:06 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 39E8	28 B 54 B	36ms 36ms	XHR application/json	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a1d7d0f8/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 X-Goog-Request-Time 1706939406216 Content-Type application/json X-YouTube-Utc-Offset 60 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/Sh0bCn9Iaik?si=9Hghmzh3c4RnxUFp X-YouTube-Client-Version 1.20240130.01.00 X-YouTube-Time-Zone Europe/Berlin X-Goog-Visitor-Id CgttR2NTa25jZGRhOCiLqPetBjIKCgJERRIEEgAgKg%3D%3D X-YouTube-Ad-Signals dt=1706939403788&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image Response headers date Sat, 03 Feb 2024 05:50:06 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0 expires Sat, 03 Feb 2024 05:50:06 GMT
POST H3	204	rum Show response www.pastemagazine.com/cdn-cgi/	0 145 B	22ms 19ms	XHR text/plain	2606:4700:3108::ac42:2b60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2b60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 content-type application/json Response headers date Sat, 03 Feb 2024 05:50:06 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://www.pastemagazine.com x-frame-options DENY access-control-allow-credentials true cf-ray 84f864f92fab5c98-FRA
POST H2	200	wl Show response t.pubmatic.com/	17 B 186 B	190ms 99ms	XHR text/plain	185.64.190.82 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://t.pubmatic.com/wl?pubid=160494 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:06 GMT content-type text/plain; charset=utf-8 access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 17 expires 0
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	105ms 35ms	Preflight application/json	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.pastemagazine.com%2F&domain=www.pastemagazine.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.pastemagazine.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sat, 03 Feb 2024 05:50:06 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 240341 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	envelope Show response lexicon.33across.com/v1/	49 B 254 B	181ms 121ms	XHR application/json	35.244.193.51 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lexicon.33across.com/v1/envelope?pid=0015a000034LF0bAAG&gdpr=0&src=pbjs&ver=7.39.0 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 51.193.244.35.bc.googleusercontent.com Software / Resource Hash d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers date Sat, 03 Feb 2024 05:50:06 GMT via 1.1 google vary origin content-type application/json access-control-allow-origin https://www.pastemagazine.com cache-control private, must-revalidate, max-age=28800 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49
GET H2	200	json Show response gum.criteo.com/sid/	2 B 380 B	105ms 36ms	XHR application/json	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.pastemagazine.com%2F&domain=www.pastemagazine.com&cw=1&lsw=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:06 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 269095 expires 0
POST H2	200	prebid Show response id5-sync.com/api/config/	135 B 422 B	70ms 20ms	XHR application/json	141.95.98.64 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/config/prebid Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.98.64 , France, ASN16276 (OVH, FR), Reverse DNS ns3216658.ip-141-95-98.eu Software / Resource Hash 02b88343e03be0bebd3a9a88fd25b71ecec17024f008e5d61c8d655e00d71784 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.pastemagazine.com date Sat, 03 Feb 2024 05:50:05 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin content-type application/json;charset=UTF-8
GET		envelope api.rlcdn.com/api/identity/	0 0
GET H2	200	id Show response id.crwdcntrl.net/	43 B 322 B	150ms 45ms	XHR application/json	63.34.44.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id?c=17207 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.44.38 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-44-38.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 03 Feb 2024 05:50:06 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://www.pastemagazine.com cache-control no-cache x-server 10.45.13.103 access-control-allow-credentials true content-length 43 expires 0
GET		prebid h.parrable.com/	0 0
GET H2	200	rid Show response match.adsrvr.org/track/	63 B 425 B	48ms 48ms	XHR application/json	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash d0a529f1baad5b520e32f8ac8fb848f8956a19e9c234eadb8c943098d9c029ba Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers date Sat, 03 Feb 2024 05:50:06 GMT content-encoding gzip server Kestrel vary Origin, Accept-Encoding content-type application/json access-control-allow-origin https://www.pastemagazine.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept expires Mon, 04 Mar 2024 05:50:06 GMT
GET H2	200	v1 Show response lb.eu-1-id5-sync.com/lb/	33 B 281 B	71ms 18ms	XHR application/json	141.95.98.65 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.98.65 , France, ASN16276 (OVH, FR), Reverse DNS ns3216659.ip-141-95-98.eu Software / Resource Hash 13c767ac8beb72139dd40b576fe7b74e0a8b49ce4e5d3f2f376ffaf5981a00d2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.pastemagazine.com date Sat, 03 Feb 2024 05:50:05 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin content-type application/json;charset=UTF-8
POST H2	200	721.json Show response id5-sync.com/g/v2/	250 B 537 B	65ms 22ms	XHR application/json	141.95.98.64 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/721.json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.98.64 , France, ASN16276 (OVH, FR), Reverse DNS ns3216658.ip-141-95-98.eu Software / Resource Hash 05ead5359b666e9c3454baefd05dd47586c5aa4b55bdea53f750b13e33ff211d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.pastemagazine.com date Sat, 03 Feb 2024 05:50:06 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin content-type application/json;charset=UTF-8
GET H3	200	forms.js Show response www.pastemagazine.com/wp-content/plugins/mailchimp-for-wp/assets/js/	7 KB 3 KB	29ms 28ms	Script application/javascript	2606:4700:3108::ac42:2b60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.8 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2b60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 319f98346d77737e59f59da6bf4256e99a97c6eb95433162e742c78cec639c92 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:50:08 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 17 Nov 2023 15:05:51 GMT server cloudflare age 572282 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y0fxO8xrcc%2BvguYuGTjsWFxuwexRwLWlSRHMQ7Ob19l5q9M3iv5YgizWXblNRitoFXDSS%2F5gKgatK12AmwprP5VNM7Yez4GeFt9UgYS1LyS3ENdYR4nGHmqWL4Gqc%2FIuErkPJwGFVJWMKLT0EyKasvYHQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 84f8650728495c98-FRA alt-svc h3=":443"; ma=86400
GET H2	200	i.js Show response tag.bounceexchange.com/3869/	5 KB 3 KB	85ms 22ms	Script text/plain	34.120.253.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.bounceexchange.com/3869/i.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/music/lyrical-lemonade/cole-bennett-lyrical-lemonade-interview?utm_source=dotmailer&utm_medium=email&utm_campaign=460761_02.02.24_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,9VIX,3D2TUT,1EYLC,0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.253.120.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 5ff2ab03d683a12fd49d7247ea7b3d604c4c0d9a8997c460cd2c34fe113b74c2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 05:46:45 GMT content-encoding gzip via 1.1 google age 203 x-envoy-upstream-service-time 0 x-region us-central1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2146 server istio-envoy etag 4109d96622775f vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control public,max-age=60 timing-allow-origin * link <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
GET H2	200	runtime_6459738026535cda4232dc813c61447d.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	3 KB 2 KB	103ms 23ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js Requested by Host: tag.bounceexchange.com URL: https://tag.bounceexchange.com/3869/i.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Mon, 22 Jan 2024 18:44:13 GMT content-encoding br age 990355 x-guploader-uploadid ABPtcPpk6ecA75JQ7iUQZ0-FICmuD30TNCKtHbYe_ORcYyi0cXa5CLTCCnM8MvkhOTMZFaTZKGg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1316 last-modified Mon, 22 Jan 2024 18:44:07 GMT server UploadServer etag "09512239cb2a22728ca9f8608dfc2181" x-goog-generation 1705949047694544 x-goog-hash crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 1316 accept-ranges bytes content-type text/javascript
GET H2	200	main-v2_0da712b66343f7d4eb20a9b09c128ea1.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	482 KB 105 KB	22ms 21ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0da712b66343f7d4eb20a9b09c128ea1.br.js Requested by Host: tag.bounceexchange.com URL: https://tag.bounceexchange.com/3869/i.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash dadc6c0c66656af30691e898d49d0e97afa9c1a5d92aa62e4ead7c625bd0b1b1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 30 Jan 2024 20:17:16 GMT content-encoding br age 293572 x-guploader-uploadid ABPtcPo9Th_6ZcpX3YWvm0JtK_ELkpejUDWyJtcqUH57DIL99hCxVp435OCj7b8oInQ_DDEpiOk x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 107383 last-modified Tue, 30 Jan 2024 20:17:04 GMT server UploadServer etag "ebfd5d3727ae88c1480a8e6dca79deb3" x-goog-generation 1706645824932720 x-goog-hash crc32c=NLdW3w==, md5=6/1dNyeuiMFICo5tynnesw== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 107383 accept-ranges bytes content-type text/javascript
GET H2	200	cjs_min_1e55b565811f11b08485230cf1d150d6.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	49 KB 16 KB	66ms 66ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js Requested by Host: tag.bounceexchange.com URL: https://tag.bounceexchange.com/3869/i.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 12 Jan 2024 16:23:24 GMT content-encoding gzip age 1862804 x-guploader-uploadid ABPtcPqh5nkQ2To7S54lv8Z2MCbhkcSQP_0Z_jH_o4rCH9ieB865ayf-DoIcaLUXKyIpWpS7z5JVArqS x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15751 last-modified Wed, 13 Dec 2023 16:23:11 GMT server UploadServer etag "d7dc7d7ebcc4f5af5fc2d4804e7ec737" x-goog-generation 1702484591435387 x-goog-hash crc32c=3TW0yQ==, md5=19x9frzE9a9fwtSATn7HNw== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000,no-transform x-goog-stored-content-length 15751 accept-ranges bytes content-type text/javascript; charset=utf-8
GET H3	200	onsite-v2_1e65144eaf4e12878292a8065df4997d.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	16 KB 5 KB	20ms 20ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_1e65144eaf4e12878292a8065df4997d.br.js Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0da712b66343f7d4eb20a9b09c128ea1.br.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 7bcce32f4ef85233e030a2e0f1a2a81aefab5d602d45c655b1ff5f068ac8abb8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Mon, 22 Jan 2024 18:44:05 GMT content-encoding br age 990363 x-guploader-uploadid ABPtcPpzokSUUtzblhLvk5vARy-xHpvDAEa3_AFJQyqCqow-WeQF24jUi3PbhhnZUbITJFJjxLU x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4963 last-modified Mon, 22 Jan 2024 18:43:50 GMT server UploadServer etag "aaf913c9914c1e9a66cc88a9a0b151cd" x-goog-generation 1705949030274423 x-goog-hash crc32c=jDxLwQ==, md5=qvkTyZFMHppmzIipoLFRzQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 4963 accept-ranges bytes content-type text/javascript
GET H3	200	ads-v2_7039311459a2b90b171de4746e015aaf.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	175 KB 38 KB	21ms 21ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_7039311459a2b90b171de4746e015aaf.br.js Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0da712b66343f7d4eb20a9b09c128ea1.br.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 787a9d528b41aa58cc4183ea58495a3831c16dbbfb5c3b03b5598b4dbed07983 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:36:40 GMT content-encoding br age 400408 x-guploader-uploadid ABPtcPrYe0qwPA2vkFWp7PQfA8DxOUbFC6bEH8R0R0Y4EiYSKHfD3JPlGzN6RXnSdYSagsCubgRcmrkhbQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39019 last-modified Mon, 29 Jan 2024 14:36:24 GMT server UploadServer etag "f93e30bc496c7080bbbc65e482f53f41" x-goog-generation 1706538984778719 x-goog-hash crc32c=AAVvdA==, md5=+T4wvElscIC7vGXkgvU/QQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 39019 accept-ranges bytes content-type text/javascript
GET H/1.1	200 OK	/ Show response data.cdnbasket.net/	14 B 338 B	586ms 131ms	XHR application/json	34.149.72.7
General Check archive.org Show headers Download Go to Full URL https://data.cdnbasket.net/ Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.72.7 -, , ASN (), Reverse DNS Software / Resource Hash f600b808f060761ce70012c8cf06cd6c2e5f9d672ec526bd9e07f167bf062223 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Pragma no-cache Date Sat, 03 Feb 2024 05:50:09 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET H/1.1	200 OK	/ Show response page.cdnbasket.net/	14 B 338 B	587ms 132ms	XHR application/json	34.107.140.139
General Check archive.org Show headers Download Go to Full URL https://page.cdnbasket.net/ Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.107.140.139 -, , ASN (), Reverse DNS Software / Resource Hash b1fa557b8bf27d46b79fd1a196a1311f91fa3278bc098577bba78301dc5479e2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Pragma no-cache Date Sat, 03 Feb 2024 05:50:09 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET H/1.1	200 OK	/ Show response view.cdnbasket.net/	14 B 338 B	584ms 129ms	XHR application/json	34.107.155.179
General Check archive.org Show headers Download Go to Full URL https://view.cdnbasket.net/ Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.107.155.179 -, , ASN (), Reverse DNS Software / Resource Hash bfcdaa379bdd1818a27139be4f4b3aa1526143fa657afbbcb8be769dc69c42dc Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Pragma no-cache Date Sat, 03 Feb 2024 05:50:09 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.rlcdn.com

URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain

h.parrable.com

URL

https://h.parrable.com/prebid?data=eyJlaWQiOm51bGwsInRyYWNrZXJzIjpbIjk3MzY3MjQ5LWZlNGMtNDc4OC1hMjUzLTNjZGQyMjUzZjFiYSJdLCJ1cmwiOiJodHRwczovL3d3dy5wYXN0ZW1hZ2F6aW5lLmNvbS9tdXNpYy9seXJpY2FsLWxlbW9uYWRlL2NvbGUtYmVubmV0dC1seXJpY2FsLWxlbW9uYWRlLWludGVydmlldz91dG1fc291cmNlPWRvdG1haWxlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj00NjA3NjFfMDIuMDIuMjRfRGVmJTIwSmFtX0RlZiUyMEphbSUyME5ld3NsZXR0ZXJfRnVsbCUyMExpc3RfMjMxNzg1X1VTJmRtX2k9NFlVSCw5VklYLDNEMlRVVCwxRVlMQywwIiwicHJlYmlkVmVyc2lvbiI6IjcuMzkuMCIsImlzSWZyYW1lIjpmYWxzZSwidHBjU3VwcG9ydCI6bnVsbH0.&gdpr=0&_rand=0.7258121859204676