pastelink.net Open in urlscan Pro
88.208.215.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastelink.net/ainw78r4
Submission: On June 03 via manual (June 3rd 2023, 3:47:14 am UTC) from GB — Scanned from GE

Summary HTTP 388 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 69 IPs in 8 countries across 84 domains to perform 388 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 92473.
TLS certificate: Issued by R3 on April 1st 2023. Valid for: 3 months.

This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	88.208.215.108 88.208.215.108	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
2	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
6	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
4	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
4	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	104.26.7.139 104.26.7.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	104.26.2.70 104.26.2.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
9	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	104.131.3.131 104.131.3.131	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.26.9.169 104.26.9.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	34.243.181.201 34.243.181.201	16509 (AMAZON-02) (AMAZON-02)
4 23	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	104.18.2.114 104.18.2.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
6 9	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	81.17.55.161 81.17.55.161	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
43	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
11	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
7	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	69.173.144.152 69.173.144.152	26667 (RUBICONPR...) (RUBICONPROJECT)
1	23.216.244.55 23.216.244.55	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	3.125.92.181 3.125.92.181	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
5 7	52.57.182.76 52.57.182.76	16509 (AMAZON-02) (AMAZON-02)
18 25	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
14	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.216.77.21 23.216.77.21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	146.20.128.172 146.20.128.172	27357 (RACKSPACE) (RACKSPACE)
5 11	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
16	35.233.184.126 35.233.184.126	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
10	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
16	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.7.2 178.250.7.2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 5	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
7	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 3	3.126.192.167 3.126.192.167	16509 (AMAZON-02) (AMAZON-02)
3 3	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 6	3.120.3.26 3.120.3.26	16509 (AMAZON-02) (AMAZON-02)
9 9	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 5	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
4 11	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.149.40.38 34.149.40.38	15169 (GOOGLE) (GOOGLE)
1	13.32.99.85 13.32.99.85	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	185.86.139.94 185.86.139.94	() ()
2	91.228.74.168 91.228.74.168	16509 (AMAZON-02) (AMAZON-02)
5 5	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 3	185.86.138.152 185.86.138.152	() ()
3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 4	198.47.127.18 198.47.127.18	() ()
1 12	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	34.242.99.146 34.242.99.146	() ()
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1 1	164.92.213.94 164.92.213.94	() ()
1	34.249.214.187 34.249.214.187	() ()
1	77.245.57.72 77.245.57.72	() ()
2 2	216.52.2.39 216.52.2.39	() ()
1	35.157.25.132 35.157.25.132	() ()
1 1	34.102.253.54 34.102.253.54	() ()
1	34.247.233.198 34.247.233.198	() ()
388	69

13 88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

pastelink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.195 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.139 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.131.3.131 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ny-25.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.243.181.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-181-201.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 51.38.120.206 (Hessen, Germany) 4 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.114 (None, )

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.171.149 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 81.17.55.161 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

adservice.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

d76d6cdd8769bd7fcf9cb73f68deb2c2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-fra2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.216.244.55 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-244-55.deploy.static.akamaitechnologies.com

cdn-copclient-w.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.92.181 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-92-181.eu-central-1.compute.amazonaws.com

ghent-aws-fr.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

adx.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.57.182.76 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-182-76.eu-central-1.compute.amazonaws.com

aws-fr-sync.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.34 (United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.216.77.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-21.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.212.88.20 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.20.128.172 (United States) 3 redirects

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 35.233.184.126 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.184.233.35.bc.googleusercontent.com

coplg-w.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.212.211.47 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.130 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.12 (United States) 3 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.192.167 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-192-167.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.11 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.120.3.26 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-3-26.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 15.197.193.217 (Seattle, United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-85.fra60.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.139.94 (None, ) 2 redirects

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.134.244 (United Kingdom) 5 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.152 (None, ) 1 redirects

ASN- ()

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.18 (None, ) 2 redirects

ASN- ()

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.99.146 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.92.213.94 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.214.187 (None, )

ASN- ()

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (None, )

ASN- ()

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (None, ) 2 redirects

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.25.132 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.233.198 (None, )

ASN- ()

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 d76d6cdd8769bd7fcf9cb73f68deb2c2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	334 KB
51	doubleclick.net 18 redirects ad.doubleclick.net — Cisco Umbrella Rank: 181 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 adx.g.doubleclick.net — Cisco Umbrella Rank: 2620 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351	298 KB
41	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1463 cdn-copclient-w.media.net — Cisco Umbrella Rank: 39598 contextual.media.net — Cisco Umbrella Rank: 638 warp.media.net — Cisco Umbrella Rank: 2573 hblg.media.net — Cisco Umbrella Rank: 2108 coplg-w.media.net — Cisco Umbrella Rank: 37434 cs.media.net — Cisco Umbrella Rank: 1527 c21lg-d.media.net — Cisco Umbrella Rank: 2481 hbx.media.net — Cisco Umbrella Rank: 1337	101 KB
38	rubiconproject.com 9 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 523 beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 10550 eus.rubiconproject.com — Cisco Umbrella Rank: 614 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1117 pixel.rubiconproject.com — Cisco Umbrella Rank: 362 token.rubiconproject.com Failed pixel-eu.rubiconproject.com pixel-us-east.rubiconproject.com Failed	107 KB
25	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 541 ads.pubmatic.com — Cisco Umbrella Rank: 540 image6.pubmatic.com — Cisco Umbrella Rank: 762 image8.pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 690 image2.pubmatic.com — Cisco Umbrella Rank: 899 simage4.pubmatic.com Failed	60 KB
23	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 826	11 KB
13	pastelink.net pastelink.net — Cisco Umbrella Rank: 92473	308 KB
12	smartadserver.com 3 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1498 rtb-csync.smartadserver.com ssbsync-global.smartadserver.com ssbsync.smartadserver.com Failed	11 KB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568 ssum-sec.casalemedia.com Failed	8 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	928 KB
10	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 acdn.adnxs.com — Cisco Umbrella Rank: 617 secure.adnxs.com	44 KB
9	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 365	4 KB
9	bidswitch.net 6 redirects ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 10451 aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 22052 x.bidswitch.net — Cisco Umbrella Rank: 340	4 KB
9	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2602 public.servenobid.com — Cisco Umbrella Rank: 4650	7 KB
8	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 748 gum.criteo.com — Cisco Umbrella Rank: 416 dis.criteo.com — Cisco Umbrella Rank: 587	9 KB
6	mfadsrvr.com 6 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1132	4 KB
6	lkqd.net 3 redirects cs.lkqd.net — Cisco Umbrella Rank: 3180	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	291 KB
6	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 20443	177 KB
5	mathtag.com 5 redirects sync.mathtag.com — Cisco Umbrella Rank: 518	3 KB
5	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 318 aax-eu.amazon-adsystem.com Failed	3 KB
5	4dex.io script.4dex.io — Cisco Umbrella Rank: 1494 mp.4dex.io — Cisco Umbrella Rank: 2461 u.4dex.io — Cisco Umbrella Rank: 3959	27 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	206 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
3	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 692
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 896	2 KB
3	sonobi.com 3 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1055	2 KB
3	rfihub.com 3 redirects p.rfihub.com — Cisco Umbrella Rank: 859	2 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 1054 api.btloader.com — Cisco Umbrella Rank: 1153	8 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 103	2 KB
2	lijit.com 2 redirects ce.lijit.com ap.lijit.com Failed	1 KB
2	gumgum.com g2.gumgum.com usersync.gumgum.com Failed	2 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	938 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 773	796 B
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 474	800 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 569	59 KB
2	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2273	592 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1137	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	150 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	2 KB
1	playground.xyz 1 redirects ads.playground.xyz	462 B
1	sharethrough.com match.sharethrough.com	356 B
1	adkernel.com sync.adkernel.com	1 KB
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	555 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 952	518 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1588	524 B
1	yahoo.com ups.analytics.yahoo.com Failed pr-bh.ybp.yahoo.com	603 B
1	google.ge adservice.google.ge — Cisco Umbrella Rank: 65860	531 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3735	941 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 20736	689 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	1 KB
0	creativecdn.com Failed creativecdn.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
0	socdm.com Failed tg.socdm.com Failed
0	iqzone.com Failed cs.iqzone.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	technoratimedia.com Failed sync.technoratimedia.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	betweendigital.com Failed ads.betweendigital.com Failed
0	disqus.com Failed ssp.disqus.com Failed
0	a-mo.net Failed prebid.a-mo.net Failed
0	yellowblue.io Failed cs-server-s2s.yellowblue.io Failed
0	minutemedia-prebid.com Failed cs-rtb.minutemedia-prebid.com Failed
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	admedo.com Failed pool.admedo.com Failed
0	simpli.fi Failed um.simpli.fi Failed
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	erne.co Failed green.erne.co Failed
0	loopme.me Failed csync.loopme.me Failed
0	ctnsnet.com Failed ipac.ctnsnet.com Failed
0	iprom.net Failed core.iprom.net Failed
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	de17a.com Failed d5p.de17a.com Failed
0	adform.net Failed dmp.adform.net Failed c1.adform.net Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	1rx.io Failed sync.1rx.io Failed
388	84

	Domain	Requested by
42	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pastelink.net tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net cdn-copclient-w.media.net www.googletagservices.com
25	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net onetag-sys.com g2.gumgum.com
23	onetag-sys.com	4 redirects cdn4.buysellads.net onetag-sys.com ads.pubmatic.com public.servenobid.com sync.adkernel.com
16	eus.rubiconproject.com	pastelink.net eus.rubiconproject.com contextual.media.net cdn4.buysellads.net public.servenobid.com u.4dex.io g2.gumgum.com
16	coplg-w.media.net	cdn-copclient-w.media.net
14	contextual.media.net	pastelink.net contextual.media.net cdn4.buysellads.net eus.rubiconproject.com ads.pubmatic.com
13	pastelink.net	pastelink.net
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net pastelink.net cdn-copclient-w.media.net
10	s0.2mdn.net	pastelink.net googleads.g.doubleclick.net cdn-copclient-w.media.net s0.2mdn.net
9	match.adsrvr.org	9 redirects
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net pastelink.net
8	simage2.pubmatic.com	1 redirects ads.pubmatic.com onetag-sys.com
8	googleads4.g.doubleclick.net	googleads.g.doubleclick.net pastelink.net
8	ib.adnxs.com	5 redirects cdn4.buysellads.net acdn.adnxs.com
8	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com onetag-sys.com g2.gumgum.com
7	pixel.rubiconproject.com	2 redirects onetag-sys.com
7	ads.pubmatic.com	contextual.media.net cdn4.buysellads.net ads.pubmatic.com public.servenobid.com u.4dex.io g2.gumgum.com
7	googleads.g.doubleclick.net	pastelink.net pagead2.googlesyndication.com cdn-copclient-w.media.net
6	rtb.mfadsrvr.com	6 redirects
6	cs.lkqd.net	3 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	cdn4.buysellads.net securepubads.g.doubleclick.net s0.2mdn.net cdn-copclient-w.media.net
6	cdn4.buysellads.net	pastelink.net
5	sync.mathtag.com	5 redirects
5	s.amazon-adsystem.com	2 redirects onetag-sys.com
5	secure-assets.rubiconproject.com	5 redirects
5	x.bidswitch.net	3 redirects onetag-sys.com
5	prg.smartadserver.com	cdn4.buysellads.net
4	image2.pubmatic.com	ads.pubmatic.com
4	image8.pubmatic.com	2 redirects onetag-sys.com
4	pixel-eu.rubiconproject.com	2 redirects onetag-sys.com
4	rtb-csync.smartadserver.com	2 redirects
4	gum.criteo.com	contextual.media.net static.criteo.net gum.criteo.com
4	fastlane.rubiconproject.com	cdn4.buysellads.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
3	id.rlcdn.com	onetag-sys.com
3	ssbsync-global.smartadserver.com	1 redirects onetag-sys.com
3	dis.criteo.com	3 redirects
3	pm.w55c.net	3 redirects
3	cs.media.net	contextual.media.net
3	sync.go.sonobi.com	3 redirects
3	p.rfihub.com	3 redirects
3	hblg.media.net	pastelink.net
2	ce.lijit.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	cms.quantserve.com	ads.pubmatic.com
2	u.4dex.io	cdn4.buysellads.net eus.rubiconproject.com
2	us-u.openx.net	2 redirects
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	qsearch-a.akamaihd.net	pastelink.net
2	aws-fr-sync.bidswitch.net	2 redirects
2	ghent-aws-fr.bidswitch.net	1 redirects pastelink.net
2	beacon-fra2.rubiconproject.com	pastelink.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	api.btloader.com	btloader.com
2	ad-delivery.net	pastelink.net
2	www.googletagmanager.com	pastelink.net www.googletagmanager.com
2	www.google.com	pastelink.net tpc.googlesyndication.com
2	fonts.googleapis.com	pastelink.net
1	usersync.gumgum.com	g2.gumgum.com eus.rubiconproject.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	hbx.media.net	1 redirects
1	match.sharethrough.com	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com g2.gumgum.com sync.adkernel.com onetag-sys.com
1	g2.gumgum.com	public.servenobid.com
1	c21lg-d.media.net	contextual.media.net
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	acdn.adnxs.com	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	image6.pubmatic.com	ads.pubmatic.com
1	warp.media.net	cdn4.buysellads.net
1	adx.g.doubleclick.net	pastelink.net
1	cdn-copclient-w.media.net	pastelink.net
1	d76d6cdd8769bd7fcf9cb73f68deb2c2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ge	securepubads.g.doubleclick.net
1	bidder.criteo.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	ad.doubleclick.net	pastelink.net
1	btloader.com	cdn4.buysellads.net
1	www.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	pastelink.net
0	simage4.pubmatic.com Failed	ads.pubmatic.com
0	creativecdn.com Failed	g2.gumgum.com
0	cs.admanmedia.com Failed	g2.gumgum.com
0	tg.socdm.com Failed	g2.gumgum.com
0	cs.iqzone.com Failed	g2.gumgum.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.technoratimedia.com Failed	g2.gumgum.com
0	sync.ipredictive.com Failed	g2.gumgum.com
0	sync.outbrain.com Failed	g2.gumgum.com
0	bh.contextweb.com Failed	g2.gumgum.com
0	ads.betweendigital.com Failed	g2.gumgum.com
0	pixel-us-east.rubiconproject.com Failed	eus.rubiconproject.com
0	ssp.disqus.com Failed	public.servenobid.com
0	prebid.a-mo.net Failed	public.servenobid.com
0	ap.lijit.com Failed	public.servenobid.com
0	cs-server-s2s.yellowblue.io Failed	public.servenobid.com
0	cs-rtb.minutemedia-prebid.com Failed	public.servenobid.com
0	ssum-sec.casalemedia.com Failed	public.servenobid.com g2.gumgum.com
0	ssbsync.smartadserver.com Failed	public.servenobid.com g2.gumgum.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	pool.admedo.com Failed	ads.pubmatic.com
0	c1.adform.net Failed	ads.pubmatic.com
0	um.simpli.fi Failed	ads.pubmatic.com
0	cr.frontend.weborama.fr Failed	ads.pubmatic.com
0	sync.crwdcntrl.net Failed	ads.pubmatic.com
0	a.tribalfusion.com Failed	ads.pubmatic.com
0	green.erne.co Failed	ads.pubmatic.com
0	csync.loopme.me Failed	ads.pubmatic.com
0	ipac.ctnsnet.com Failed	ads.pubmatic.com
0	core.iprom.net Failed	ads.pubmatic.com
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	cm.adgrx.com Failed	ads.pubmatic.com
0	sync.srv.stackadapt.com Failed	ads.pubmatic.com g2.gumgum.com
0	sync-tm.everesttech.net Failed	ads.pubmatic.com g2.gumgum.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	d5p.de17a.com Failed	ads.pubmatic.com
0	ups.analytics.yahoo.com Failed	onetag-sys.com ads.pubmatic.com public.servenobid.com
0	dmp.adform.net Failed	ads.pubmatic.com
0	aax-eu.amazon-adsystem.com Failed	pastelink.net ads.pubmatic.com
0	token.rubiconproject.com Failed	pastelink.net
0	b1sync.zemanta.com Failed	contextual.media.net g2.gumgum.com
0	sync.1rx.io Failed	contextual.media.net public.servenobid.com
388	133

This site contains links to these domains. Also see Links.

Domain
www.frydge.uk
www.facebook.com
twitter.com
t.me
api.whatsapp.com
www.reddit.com
www.pinterest.com
www.tumblr.com
www.blogger.com
profitquery.com
www.linkedin.com
share.flipboard.com
social-plugins.line.me
www.meneame.net
diasp.org

Subject Issuer	Validity	Valid
pastelink.net R3	`2023-04-01` - `2023-06-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
cdn4.buysellads.net R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-05-09` - `2023-08-07`	3 months	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.google.com.ge GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
u.4dex.io GTS CA 1D4	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh

This page contains 77 frames:

Primary Page: https://pastelink.net/ainw78r4
Frame ID: D8E57A8C51F655B19E235874A285EC24
Requests: 76 HTTP requests in this frame

Frame: https://d76d6cdd8769bd7fcf9cb73f68deb2c2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CDE85FCD7A2EE6BC370143B9F7F2BDBD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8KsCBurPKA3Pk9ielHjb1LnLB3StwR8Bmtm4XvcQet_WngM3bfZVemvSwcUqcHGDY_X7xWf5iTvMPxtM2RXm6TSEQJ57dPr4GyRm2QAyYRIfBaQiniIpZ23bW2s3gY3YZJQUirCFJQuJQp9K47OEVMc4x3b2sejE3Wf0sd8nRraH1piAukvONWbz1sDIWHU2YMC4MS5eHJjaqyUOD9oBF0R8r88nRikf5NAUj2QrQPPyvU-JgmOy-a6TPSTekapLi327pMEgMf3d8SBdlqLExKwGCJiCPPfq_jK9Gckb_Fg8PVPd1iCFfVGld5buCDSS2IRD7gOqyGsL4kDomfDYIadE&sai=AMfl-YQZ62pL7GZ5RueuFhWuTryFIYETHLIDeNfXOWinquvgtVtoh8v-j9pwKQdOpMnH0wo-3rbsB9vyq0c4BfnyAxum4_YZfW3NcNJUhivbD03ACvOCd5N4v_AEespJ46WbuRvacLzK4Flzh2lNoXAi&sig=Cg0ArKJSzD46QEKVC5HpEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6D7E11A84D32CC8A125E692AD6D13D49
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBU4SeOpXSGw-TG4OY96Rrx01Nw90ZudVaqvafxop8aJSa40d6RKimbjV0aYjuYDcKX7JG1RE29SE4nQ3LPW7qyTpBFU0s1BlMOWW8Kq5vpl2yKbYnkG5aUE0yXIMQqflPXW22fkBntE1xKD848GXPnRUzacA6CYHLXPAdneE6eO1Irhpa7t_Z2meFR74g-mNQB714aQ5gJ4TMztT0REqQx8byAt8f3kvjg7RY-8m_i_DK2kaN13WdFaBPQ2z0-hCIRtsGpqOmj7kZYQjZkZgdQyWW3a1c1dYb52nuIuFMeJAwiA_XeJmtLVNsxvNvE4c2ttbfSIrt_YaKqeWh44oe96Mxotw&sai=AMfl-YQ-xBnMVQrO_rjSBr9YE4ZJwveg90UUi5yeQT47UXTCLcip7YeZETcsMe0AdVS9PvZ7OOS6_Pius94sGL30xxwbqmROIsZiw3f9oZq3-_fXb20C-5m7ifzKxJP8Xw9yLCKpri-cJjtz-EioEurp&sig=Cg0ArKJSzILWI-BUmR9tEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3BA9D0860A2174317A36EFBCDDC14A7B
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskxDwwB4Lkx7JEqU5TLaellcI6L3DdW2Hcq8bRpbLVDnzNsygUHqrHCHaB6MlMU_IdN18kPtnJlMHRYmCcvzy2YbjZRwSZTt6MhGaVr3ClqyeXAG62pEQGa-iSMx77zvP9BpxZj_2gw8mNv3VebqhfeOFd2ZU_-9Gn5WJoeMRkKba2WAzql8FRuWOLfiH6a2Anm_USuU8N_N3u6T-ONnBeY8dSRzsDOX-fGhTkIs89PuRYsZtBVyVTKNhtMduU4I5totzuM-5OT343RLin6EB_0QeL8ml29CA21xxExQX2LR5P_sCYG3nQI32Vux6DKP65UWh-SVSTKsulZOzooA&sai=AMfl-YSjFyxTkUaa_CeqBasC4MP-d7zKrtA9saQGAbMYdHNy1KrwIohK0YBFZf-QesQ-Jayi2CA6r9zU27MateJhOatvWKqzM0LUbf1hXAxX6NSKSjym9i8jVqOXLHHTQyvk3Ar8iKfmDIZ6EBJFNOUz&sig=Cg0ArKJSzFoQPitbZTwVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 97917AF676A18D59149FD9D2CC0FE8C7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXMl_GhgKmsj2QicK87QZ-B-4oripVNGxAN6_v3UcEpVwnsjyLStFLtNClVE0gR3dSvJy8rfVTiNuPJhUakiUSS5UeDaw
Frame ID: 186F933799B6F8365039FF20F345801D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXDOlTVxCrjRbZFZYZ6Vd9Csbo3Sxmu05126HFJ8PeS96ZM8mM3mm1SwRjV6ZFO-YbUrIo_Y40D7Ya7IZ1wWa62vnd4bQ
Frame ID: 4C15DD2E1DF695F2162DDBB68D3F6082
Requests: 5 HTTP requests in this frame

Frame: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Frame ID: D0AE2256A2787DB8394E7C060F96D49D
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3BABA057F14F8FF2F8FB34CAB9972977
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B4479CC2BF883F54FF11AFF9A3AF985
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGOrGnukBMAE&v=APEucNVxjerDcDixP9IoGOmWLicFejgnuEIlHvF7s3Axf-244q0OML-bQOytPV28DJKn5w6SuouigWYcalGK6AgyzGqi2mxSb9IHj6YNcPfudcA65J7_mSI
Frame ID: 4D12312CE7CC041350D7572B216FEF69
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhKwnlUgssBZ_632FasjbmcWUqmT-x13Kl2InxdaEFCflnwsUuEH7TdOjYsGhpsK8JF-5fA-c6BqqmlginPvs1h05V_FYjfZUdA7_HffhK90pjaz5opVkbUp4kJmOZJ2-pBapx1ft-oKlZjnOLqksSmOQhinVsbkhk8GHdyzSlIy-2P04&cry=1&dbm_d=AKAmf-APv8OSEHG_Ed7pGFU3TqXXbqXpsKAjgn2iVg3u8CoNvQm2Hb1JLgJjafUySGoxEVIFFkf3fB7sAqgzIEI5t99hm26AKWqKnzCnGIwVP_vZM9FSyB2qmHZ0GaHlxpuwLKlps94fAiZb3g9_B0o4XmEs4ll1gxtdhxZCvMtTc7qrFc0Jz_51DVFVNGuWhoEDvl7FcfqDLSNo4KUQuBkLEb-wMzlv6R3jcGXFVjhiLiRamj3_otw7Yc9KNGs6eC_hCbRdJ9Ata0TEOC3yDsN8dLOsDIpElG3BiGHWLL72qx5towU29pAarweY48No-bBxEAVdWIZSrZ7flqivsfLCszhq_BSw3Fa_o05YlRdNn7azV3yzsg-lLBZEcqjyli2liI1a3h0iUm3PKtxiLf0yiAYIs4_1QQDTVwOR_cVNwL7GW0eMOrwZwmf6hJupZjub0ZVKK8dgbJKXVXFYXtIb-po35aTmE2dJx1oW2wyoOgv2kDGZwV-j2a0xaA33CH6_Grc1ujFPa8H4vwV-hKlaZos96HtOZzSA4d3j5MrbxsnrHuhFATUuyTc9bTHM5XQZISTWBzswlhC8LlfjYARDxHh6OwTFU6jzv46QMGfzUU-UXGMW6MtmwpioNeTQgmH0IVOSpmHFkPEHDxbzPlRfebFepdtk_QrA4AETpTkSDPUkpjPrBFMKJKzy1I3C96ennwVhwoDO_8Rc65iywSnLD59Egf8b_x-w4AsSv9dp2ASpTjyqkGSezLJs4pNSuiPr23D77PGBjUHofwwqEfJFtNpOcn70VCAJgxlc1jyzbf5kobmNd1h-uQRDIH6dl3i9BI0CpLta2J0fsxLAkiG6YKPtViwwC4C2bm6ewLW4vKbVJIkjC-bqYaphHm_Pioa27eSEV1fc5LpqUSp_kV2QlSaPEr7L8Zi5Gqahl9ZCVr9URWWMaWThgH953a51nAjCMUjC7sflTziQ0_316BWxUBvn6TA7v4Dddao6U_QS1SuPic7qc7BHBtReUwoc4PZxg87F3Wemq6FIx-QATElokwIpbT9qSmRetQVD0wsYJ_zukv6wIkOZB0qd4QXz6yq6KH4N8JAYh8Fc-tLcbrG-TYOxDdUKcd7wHudG74_7yT7ewRrU-UbIDioJ0EZ9DToCt9haNfVnSU2uv59ipLya7LWWsOCGDGnk4j2Lj6VQ2-7NZASPsJ5oTBazWEApo8NcQ0SCX2c816iX48SI5lSXO1YAT81KlYgYPrK8tO0xUACGTNHmtU0K04IjYthk1rqclW7U37K7GnbyZYK7ZHSxLn0QYvgXbNIjbSrvQVgDvxaNV6a2yr239_3BKycym9lB8OhDlXCeHPjELL6HWr0V4ZIVotOgiQ_x7UUsO_owh5zATRXhNc5s1gBwNC88JoJkez2xqXQx1E48-HwlLtL54BcIvNTegw6lI51mTxR3zm0WuuYTB9cQBmNHXxbJwtLINGRvcCuzyXO2SnnVpMA6U5qtcpFIpE2jKN4xYBstaDJi2_F0XbksFPmHDAexHy6U44r-cA6LuWmVRfZxGMrKIXf71R75TUF6s6qhrtMwLwkfw7CvbTV42LWkHZjy8CJuuEPEdX0477UavTZ25MH8n9jlinA2Qo7fnzbkcmFBwk6nK665rMRVfeR6WyjRVL-HGaxpjsD6qS8QXorJuoNjh6Y4mdxBEKJ3FJg-PFJJIU1Hk7TlyU6fWLTdn55SZGDERhsRFVxPWN2eWew9_rGf1ja5hWGt8r3kdDjqB7VJIivvdbK_QY5Y58yF9Hv9e65yiSYPIZWU0S3h1FajiQnnT_D7mlJrbVP22b0yugP6M6nnJfAC9-GyZRbVrjd9aRynQDgXqbpzIa4_mIKzsyd3ZVYaMWGdXJ8zrO_O3jAGpGb1qtF3lz2dx9XptKsJbTzj33KcMI_LbUTlSdkhiOQbMHOPgU6p35QOO4QEf5iQeP1Jng7wHyUdv2c01-1vTPVV-mzUERk36jl_8JvkbizcyE4UN7JbrlU2mOap2r0NTEOedwRUKA11xZ2xrwROR6Rimc9AN2pknuZdqYGs8FUixQzdPzAgtQ8ABepGF8UQ3zflGGtfnv6DL7opNH2ykiBZzqAsVzbyn8jH9ulcZy_Go57XaGlW4Ph98ib5bs_in5N8A6Zj1J4__S_xNKT90MqQkKG2HFw4Ivgg2vsaSnarsQM1vwxBX-JNudhF0X8stGwo84bL7mavKdgqOL8smHYW6TlWQqbd84PQ79FdGO3ongm4Ov1kHDX-UEUzg2vZCqgVoEE-90uHRI5e1TtC5MvHJBn1Q-SYOT1stcm30DSl_xhmay0T-kpLY38yWqLUC79vdK5EaHWHpEVwpjRKlN4JwT_gbgIwHfjFzLC-yDTyOVcPy3aRHsmqdMpXIdNcIdyJNerIubdVshrnt_sC0eXAIrCUvavjkdCGKsK9S0KDnXbWuFOwKp6gzD2Wj0fvpGRdn4qDO3-j-Nb9j8yUwKSq3Dszmeo_XHmK4Z1Rg1IIbVUaL-_IF3ipVDnBF59BlsZnm5BOXMar_78A2aziMrb5d1aTLfZ5-WIhOJAfpZzg8s87de-9hSlXPicm05V1PemJp1HNf5V_3vRc74uK8KEwubO9F3ak2ZmM7XqLi2EpsdPPXe7OVsWFeOdw9LLRRPIo45eoWcuI9PZUW7hex4TOJ9YrUxj6d2mvAJPlJutGGZrqP4LcMznrPFmx1eMOrNqAr6CfjcliiNC5UWzygFIRMT_q95bun_Lp6XG1wyGHb_MACsWvHbpaCdw9pjOlKxHqB8YHNY_z_UshyERtPeCnPWroDJwGedM-3sYEAH604mVICKdjco73rRIwNH5qmxIIKf5wvuwolrW5GbyTXSlKUbJgnm3FjDKjaRjbMJa_NgM5mQdmxM7tAPYuGMYaQuVY7L2zPbeNTJ1zYlKvrLS28DOqk3tVqJogCkrg_WV5v9y3gbRRtk-nBNNvAZ5LgnMdhn3YZdTRtyIrMHlb1OK_gRgqPKQTFH95iAZoB9kuVlhTKRq8Dn91Dr1hWa-VBE0or4vN4zLHaNSzEmkjix14-BUK4Kw-T7RuFSC1i_JEx2SkTO-Zh9R4rZP0R-QHoBlS4RHXXhvd-n4rxod0s3YEXrZU9mURbVRHAEwRkfVQIgIdHzIv0xk20KWUnPmlfsImOdI6BBh1W2WjA22mK52hswSLEoiCBiXWe0pGDa9Uue9UoY1Ktj0LJSdnNSyemOQhEWAVsIKV1tgAFKQrNKHzIZZ6Vt3zGNnay7myjIBTlxJVVundMKh_ik4_E1ET4zEd7MiSrJYmYGWHd2iNPRGzc9QQ23osInbC6ZizXS38IjzLuUqkK22xNVLWklwrF9gX8bgalYMtjgO-U-VC9awxJMXhC-QAlZEoUykj87HWGApuYZzfRQircAUwitPq3l7IW9ziDbO0RCDjSebJ_c5fUZSOCrSOXxcRwTbOrRhCoNYt6HKK_8xpG1ZXPLydUMgKpCF8sFY-7u7CfvxA3xZ-E4KdHeMUo3I2AMWVBuBbkweraUvKnlbV2RPaYkE4DC0m5C4M6eLrmOM8PdYzT-ztLM5S0n19skIkXngNdLohCrr4VFnQyw&cid=CAQSGwBygQiDEMJRO47-UFINQa-ln2zdFIw-RHoZoxgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2Fainw78r4&ds=l&xdt=0&iif=1&cor=14691629281178227000&adk=1953862145&idt=662&cac=0&dtd=14&fbi=1
Frame ID: B434D6B6CC7776A914AF2A33C3201A8D
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
Frame ID: 8C2315254407876B60F016D9989EDC82
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
Frame ID: A3553715647F2DF937B3E25C88B19365
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 123E1450E3F8251289719B72B081F9E8
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AE0A989AE9AAA64B2E7F5DC26543ECF5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 13D499EDA58899EB92E4A1FD03FA5BCE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D02A750997A2ECB3B8E8EC789365672A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 531EBAA1AB460F89511CA27D2DE6B766
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 26C6CAF1B578C3423979C8CDC5302E33
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=9&vsid=3287656304262554000V10&type=rkt&refUrl=&vid=57640306653287656304262554000V10&ovsid=5133329525987312891
Frame ID: 347251CA924BF84C7DF1BA8703A75327
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Frame ID: D8CFC82A238F475B4E800FB7DFB5413E
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250
Frame ID: 2227DAF0C713F815BD7C917368BBCEDB
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250
Frame ID: 27CC5153C47C9891EDC3B38205C77681
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Frame ID: 06069EA3DFA0C8232E07ED35E1FBA00D
Requests: 2 HTTP requests in this frame

Frame: https://u.4dex.io/usync.html
Frame ID: D2D18C97AB952A06B8F731670F473562
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: D956BE8C0D7E779EF2BAFACF827529C2
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 6320ADBB3FD5399EBE192974016AD38E
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: B9532593A8C05256FE04FF124ED038A7
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 19AC354F33162CCED07F6361C843FC8C
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1685764027994
Frame ID: 9A3702D2FC388E635784F65F0F13AC30
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8743AE9F399556FC71F26B17A9343BDD
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: AA39072A794BB6F4AC9B6B9354A3A6CD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640315263287656304262554000V10%26ovsid%3DPM_UID
Frame ID: C995B12D81B4BE92CC190510954D8664
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8194647a-b7c0-4700-9e25-ab932002dcd3&gdpr=0&gdpr_consent=
Frame ID: ADA045210C9620FA091ADFC7C7F4F43C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525987312891
Frame ID: 7ACC7E7D3012305BBF965CD885B6E655
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 4159F6A87565CE40C0FFB42863B2AAE5
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: AF7C3BE1FF0443B4690E3AF1F6FB6A02
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC&redir=true&gdpr=0&gdpr_consent=
Frame ID: 2FFBDEBF3FF7B6078F88A247BF5D2FC9
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: 5CF2BC2DC58476BE9D486AFC4928DAB0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9151607127440319276&gdpr=0&gdpr_consent=
Frame ID: 61B1C1F02F044B163A4CE8F28C25D0C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7240301386218403990&gdpr=0&gdpr_consent=
Frame ID: CA7EAE0CC77E2BB83777ED129050877F
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 758267113C9D0DC8E2EF124C7EEFD62F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: CDC687D3228F0D411E46D4577D6EFA89
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 7F2585467E7E00194125E80395B993EA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 060EC718424A29B9CF3BB2FE154A5204
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: C1A1F1112ADCA6B4F78288AF1687D603
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: B6756A4F7C57F5BA4E3EDB8FCB33C807
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 26763798609E93F0123C4CEC8C207EC7
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 547B549A1840B6AAD6F114A2853792CE
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Frame ID: 5E53D508D0B34A9852C2925BBA48DB6B
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0E8819D9312C7F7F73D408407AE7AC2E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=pba&refUrl=&vid=57640306653287656304262554000V10&ovsid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC
Frame ID: 5688A49141C064A72503867A6199F003
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: E50FFBBFEA0503306B3DFA8881C5ACFE
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 1BF511E7EDF06DFB7E30AA77F2D06F84
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 2B3863E996D0029B857F7F1FF952843D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: FB0C7EFE715D8932BDE2CC7B5A549AAA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 053A113F75F5CDA1D77FD8164246B59E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: DCADACB7D6A4AFA49507CBE4451436EA
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 00CD63CCCE2248C44B62D631940E59BE
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 67B9109C070872B918A08816AD60F014
Requests: 2 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: D22F9C2D41F76F9663F3AFC7801DDBC0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: FBE6F96EA32E06D02FFBC646C4F9E6FB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: 24CB44AA7584D5143CA267C6ECCFB29C
Requests: 3 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: DBC53EA798CD4A2962E4892049EC30BB
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_5991c293-fdb1-47f7-8b2e-7b2ed0bc47d0&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: B38EFB657D896DD87E22E79C31194ABF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: C7E20A49A569A8636D7FA2E232CE3D3D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=e3707cb1-3f6a-4e6f-9166-acd9967ce73c
Frame ID: 858DFE2A82A00FF8464088BAE148A133
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=0&gdpr_consent=
Frame ID: 7239C24F758B6F1C5F3FFA5AA6F1F46E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 1990DDEC7DC1643817CB810C8E3B1A6C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTkxYzI5My1mZGIxLTQ3ZjctOGIyZS03YjJlZDBiYzQ3ZDA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: F0FF15DA5ACA2024427FF99BBC01FF72
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 98B31468AA45B2908FEA5490970CA811
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_5991c293-fdb1-47f7-8b2e-7b2ed0bc47d0&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: A5DE060F4E82BABD6F0522E3D62C6461
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: EE2EE7E5DF20C2F7FD854C572439223C
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 6CD235EB53D7F57D19AD7903BFB71BE9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 90253FD205B84488DAF9695685AAD5DE
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Frame ID: 99EE990655E5181BDE2A3B0D3FF155CD
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

10 Top Mobile Apps For Small American Fridge Freezers - Pastelink.net

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

388
Requests

65 %
HTTPS

0 %
IPv6

84
Domains

133
Subdomains

69
IPs

8
Countries

3163 kB
Transfer

6920 kB
Size

91
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.frydge.uk/categories/american-style-fridge-freezers
Title: https://www.frydge.uk/categories/american-style-fridge-freezers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://pastelink.net/ainw78r4

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=%20https://pastelink.net/ainw78r4

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=%20%0Ahttps://pastelink.net/ainw78r4

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%20https://pastelink.net/ainw78r4

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://https://pastelink.net/ainw78r4&title=%20

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://pastelink.net/ainw78r4&description=%20&media=https://pastelink.net/assets/images/pastelink-logo-square.png

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share?v=3&u=https://pastelink.net/ainw78r4&t=%20&posttype=link

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog-this.g?u=https://pastelink.net/ainw78r4&n=%20

Search URL Search Domain Scan URL

URL: https://profitquery.com/add-to/livejournal/?url=https://pastelink.net/ainw78r4&title=%20

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://pastelink.net/ainw78r4

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=%20&url=https://pastelink.net/ainw78r4

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https://pastelink.net/ainw78r4&text=%20

Search URL Search Domain Scan URL

URL: https://www.meneame.net/submit?url=https://pastelink.net/ainw78r4

Search URL Search Domain Scan URL

URL: https://diasp.org/bookmarklet?url=https://pastelink.net/ainw78r4&title=%20&jump=doclose

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://ghent-aws-fr.bidswitch.net/imp/0.011/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RChtEbvLd6ZN2pAoKD9fgPy__m2yA7Cvf2vcLzF8vHsEZEvEAEgg__3mH2CNAsgBCakCuHfyXPX2sT6oAwHIA5sEqgTsAU__QJlFQInDqigIczwlbc5XXcdRTMZJCTSbpzoBk9W4FIbzr7gi2bhYZ9wl4fb00V-IH-__Uj42aH9FW5TDO8E8mYqEtccaxhHxtjgZBkphm__STWJMunv2VIsId8R6iYgSYqdyjveXZMiM__ESk4fE-6FcZJgDyYbutzlC__PP6ryKitv23MZBlqWXLV6jLugtxJwog5nHxUFFCvm1ubpYM6JOOmPKISshGAVbS3lU__V8zu5MsWpJzYZscDFz759o5IHwbXK02m6Tpa00Z-sankUiRqr1CP-VdeneJ0SAh4gZMhUyu4CCHqSzxI16f2wAS5gLvcoQTgBAOIBauOv-NKkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ3gAeM4uO6A6gHjs4bqAeT2BuoB-6WsQKoB__6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJENpWGOrGnukB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBliaWRkZXItbWVkaWFuZXRfOENVMTg4MzFJgAoEyAsBsBO97rMTyBPbsMXiA9gTCtgUAdAVAYAXAbIXCAoGCAASABgA6BcF_Jsigh_R2UdLn9dJYTY_Juach__m_R_EUACH_F_Jpr_R38_A_I_WAUCTION__PRICE_X_Jcid_RCAQSGwBygQiDEMJRO47-UFINQa-ln2zdFIw-RHoZoxgB/PmZbc0WMHxo6rZXU8qDECOLXHbRJsO301c0Op0H8GHUrPhd34zsyk6vSBW1xkKqN7bMB2z2LbHe9wan-iox0xjNoh0ie4-QqHNd8yzQIZpacz2H8Qd8sptcuWPYrLSnWB7EtX9Mi-aEh6e0Vty8q77VvzoMlVbmtZWmI_7jtL4rFeFPQ7kIG1HPLSjUBXy64YXXgHyb-F_AxxnyXa5ZoXhHDc6mHA8lRCHXAfj9WKJ4gJC5OHqEJnFtu3sNDrXUtZyf1dQ0sRMIRBabi240r5tOb2oqMzwjwZ8ZhzsCVqqGyAbcP_pctgYPvjrJ-mwzFhje67GC_9sh4MIvoirgCDRqTMGWJ1luWizlHAogOyM6TEIhe-6p0sj-cE7azdsOUoRIL9exKlqqSd_pxgsdubzJ4q7N5ZPwmLs7fY6kR0DPb3DQsksz3gJFYBn-23Zn3xE6c2V9yTonG_eJ1BMfCZCVQ2SrZuAEdWwdmgO2EviRHpmN-nE5ucKnBwJCIrQDOwu5xmC1WO9Ipa_SdRXJrfF8DR5E5uWwUwi_70CIxqWskf1wf8_VIXIEqOgsONVab9HZHGk5Cw-5YXaX6mVYULuAi-R6ObGw56-kt_VTQq8jm7tRXR6XErznu-5w0Rp48qYxgzy_cpwhbLjb0MUbDC_e6ROM1Nw_z9QQCFhTrVsSHAhwTAih7_uTxjv_tWrBgYGsdqAhJlYwL6Lp-OBaW4J0XxzYdHoRGy5vvlGx6gpSRV-64Py0eHrZ5a-VjZJB5oNYmTA8UuegS4kIQtD23Z-oR9rBmUJjkB68-2Py1ZF4lXvgv5Xbc-mkmtz6RtGsWHZZ0eWV0EJ60gT9PKos88HZ3MzZxKNP2Is5IT8Q6u1BwFVRM-U_wHhpRYmz9_rwHK2vM-_MYKuDi3HUTYRuoW8AHfDg_Z24HR8zgoauNNjsW44zxBPTAEiASByg-YqX2KfPgt965pDqUNdoZml03zsc1pVSoLS9U1YOOHD7JpJ_x2zP6_FaZO2jR8VtPxa5W0NjPvS4pkofyf9H5goy8nfCUnbPb3aDoQSb6xCd4BvgT1NQ6V-wNPf_Zg46PtixBfaxywxVvGhKgGmWWslsu1FcBGQAHAh_YcbPCnyXrpcleEUHOB7QLj3wm1nu8WhSr5qi1WDQpAw9fCqEIx3X8sBVrbpAQmyvtOK3zhdmBcMT3XZtcnf077VQuyYdhx-vZjCrmW_S7aQE9-zDcX6lqBjPNpZ183PcTScj6za9r5a3yYUNBzm5msyGDm-1DJBdCfIDsPG3pqmr39SZiSBjgwboE7N10cLASbEGmt0YQGUkVqsv_9m8oB97PLoCNbyRzBa7UwSuIth2LAMrsGy-F6c8KuTs8mwIQqXMG-iix8SI_HWIucHXgp27j4WubfzMan_Mm7OtXTLtQyR56wEHAQ8U3YGPJBAy5DqmqabpY8O-WbUg2pJtyPaSQUVkOMRm9wJbtsE3ZcLU-ed7vkKKMM22c9Jgv064fTXvQjTkCqDM19v1NPZEB981Cbh_lSH2P1yoETgHnHg7JovirOgWEWUNP9HLrJ-1k1vBHgEDe7dk-BdDBLFxe7P3HbME1mFp_zH6ExnqEwNoEgmtIiuwdRVpsUeTo/ HTTP 302
https://adx.g.doubleclick.net/pagead/adview?ai=ChtEbvLd6ZN2pAoKD9fgPy_m2yA7Cvf2vcLzF8vHsEZEvEAEgg_3mH2CNAsgBCakCuHfyXPX2sT6oAwHIA5sEqgTsAU_QJlFQInDqigIczwlbc5XXcdRTMZJCTSbpzoBk9W4FIbzr7gi2bhYZ9wl4fb00V-IH-_Uj42aH9FW5TDO8E8mYqEtccaxhHxtjgZBkphm_STWJMunv2VIsId8R6iYgSYqdyjveXZMiM_ESk4fE-6FcZJgDyYbutzlC_PP6ryKitv23MZBlqWXLV6jLugtxJwog5nHxUFFCvm1ubpYM6JOOmPKISshGAVbS3lU_V8zu5MsWpJzYZscDFz759o5IHwbXK02m6Tpa00Z-sankUiRqr1CP-VdeneJ0SAh4gZMhUyu4CCHqSzxI16f2wAS5gLvcoQTgBAOIBauOv-NKkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ3gAeM4uO6A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJENpWGOrGnukB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBliaWRkZXItbWVkaWFuZXRfOENVMTg4MzFJgAoEyAsBsBO97rMTyBPbsMXiA9gTCtgUAdAVAYAXAbIXCAoGCAASABgA6BcF&sigh=2UdLn9dJYTY&uach_m=[UACH]&pr=38:0.011&cid=CAQSGwBygQiDEMJRO47-UFINQa-ln2zdFIw-RHoZoxgB

Request Chain 90

https://aws-fr-sync.bidswitch.net/sync?ssp=medianet&dsp_id=16&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=medianet&dsp_id=16&imp=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&google_hm=MmJjNzdlYzEtMWI4YS00OTJhLWE4ZTktMTNmZjk2MmQxZmVj HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBa2cVG06bupzrlHGNZRLgI&google_cver=1&ssp=medianet&bsw_param=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&google_cver=1

Request Chain 100

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Wmw1Qkljb0VzRkE

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

Request Chain 102

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHq3voFvUZ05T5XVfZOW5wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&google_cver=1

Request Chain 104

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=LUFON0h1ZUtLRms

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

Request Chain 106

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHq3vReiBL7WDHSRuH4RYwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0 HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&gdpr=0&google_cver=1

Request Chain 132

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=VDVERkJPY2NJMGM

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1&gdpr=0

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHq3vReiBL7WDHSRuH4RYwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

Request Chain 176

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 177

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Drkt%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=9&vsid=3287656304262554000V10&type=rkt&refUrl=&vid=57640306653287656304262554000V10&ovsid=5133329525987312891

Request Chain 179

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640306653287656304262554000V10&ovsid=[UID] HTTP 302
https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640306653287656304262554000V10&ovsid=eb37c243-e762-4663-8f4a-e46868cef88e

Request Chain 180

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dopx%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dopx%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3D HTTP 302
https://contextual.media.net/cksync.html?cs=9&vsid=3287656304262554000V10&type=opx&refUrl=&vid=57640306653287656304262554000V10&ovsid=5178bca0-cd6d-0f95-092c-d6c678c904d9

Request Chain 182

https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzI4NzY1NjMwNDI2MjU1NDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEC9v7xdlIRJEF3dyI0xmWEk&google_cver=1

Request Chain 183

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Ddxu%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Ddxu%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3D_wfivefivec_ HTTP 302
https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=dxu&refUrl=&vid=57640306653287656304262554000V10&ovsid=EcXQKwG31Q5ier5

Request Chain 184

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1429da15-ccc0-4ee3-b308-445f3f95edac

Request Chain 186

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3287656304262554000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3287656304262554000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=26e3c68c-4921-46fd-851f-7715b86baa3c&cs=1

Request Chain 187

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c

Request Chain 192

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2QXSzswRTryN_V-rHRqAkg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2QXSzswRTryN_V-rHRqAkg

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECN3Y7f_ctW35jFZe93qCoY&google_cver=1

Request Chain 198

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=&expires=30

Request Chain 230

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MzAyNTcxNzc5MjM0NzQyMzY1OQ==&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDWCCTzkWYXSDCxm7O51SMM&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 231

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=1429da15-ccc0-4ee3-b308-445f3f95edac&gdpr=0&gdpr_consent=

Request Chain 232

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MzAyNTcxNzc5MjM0NzQyMzY1OQ==&gdpr=0&gdpr_consent=

Request Chain 233

https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzFsM3lsbFBZdThUbmk2RVNKM1p5YUhHdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDMxbDN5bGxQWXU4VG5pNkVTSjNaeWFIR3ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDMxbDN5bGxQWXU4VG5pNkVTSjNaeWFIR3ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDMxbDN5bGxQWXU4VG5pNkVTSjNaeWFIR3ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDMxbDN5bGxQWXU4VG5pNkVTSjNaeWFIR3ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent=

Request Chain 235

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LIFGDKTP-25-DSTK HTTP 302
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LIFGDKTP-25-DSTK

Request Chain 237

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=d5d1647a-b7c0-4d00-b7dc-8c445fc6620b&gdpr=1&gdpr_consent=

Request Chain 239

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9151607127440319276

Request Chain 241

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiH9dxD6EyMnnx7l7ApjxEt3FeQFmAGOl_A

Request Chain 244

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=dnKiWkreB1GcRTEBU2MHNKRs2QEVxvNVa-kE6LP2hfg

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN88eBY_K73UeoonKUdFHW4&google_cver=1

Request Chain 248

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

Request Chain 251

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 252

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3287656304262554000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3287656304262554000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=6fbbdc0b-9914-4613-81a7-47320acdd0a0&cs=1

Request Chain 253

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c

Request Chain 255

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640315263287656304262554000V10&ovsid=[UID] HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640315263287656304262554000V10&ovsid=0938de77-c641-4fdb-962f-c7ea949e7edc

Request Chain 257

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3287656304262554000V10%26type%3Ddxu%26refUrl%3D%26vid%3D57640315263287656304262554000V10%26ovsid%3D_wfivefivec_ HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=dxu&refUrl=&vid=57640315263287656304262554000V10&ovsid=EcXQKwG31Q5ier5

Request Chain 259

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8194647a-b7c0-4700-9e25-ab932002dcd3&gdpr=0&gdpr_consent=

Request Chain 260

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525987312891

Request Chain 261

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 265

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9151607127440319276&gdpr=0&gdpr_consent=

Request Chain 266

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7240301386218403990&gdpr=0&gdpr_consent=

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aSnlLAndTbCNPbX3MDOgvA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 281

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzFsSmc0U1loaHJUYXU5SVo2S240MURlUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjkyOUU1MkMtMDlERC00REIwLThEM0QtQjVGNzMwMzNBMEJD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 283

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPPLlleHwzcHnIlNIhvWhH8&google_cver=1

Request Chain 286

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

Request Chain 289

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec

Request Chain 291

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8050394066574565614&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 292

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=6c31093b-415f-4c03-83bf-715972b83d01-647ab7c0-4745&gdpr=0&gdpr_consent=

Request Chain 293

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ce6ee35b-28b0-40c0-bbd6-89c8f1e85a8a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&uid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC

Request Chain 304

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 309

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=9151607127440319276

Request Chain 310

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=GwIDvRZHbbCb_prYT-2rymQm

Request Chain 313

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5133329525987312891

Request Chain 314

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=332&uid=0938de77-c641-4fdb-962f-c7ea949e7edc

Request Chain 320

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=3287656304262554000V10

Request Chain 326

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiH9dxqCLLuOVAAJshCQzOVU634j0PSSwjg

Request Chain 328

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=0&gdpr_consent=

Request Chain 329

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LIFGDKTP-25-DSTK&gdpr=0

Request Chain 330

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9151607127440319276

Request Chain 332

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=3025717792347423659

Request Chain 333

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=c98XbXPyw0Uh7HhxsmKr3A3zevZ-JlCmvYSlZ822J9E

Request Chain 334

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9151607127440319276

Request Chain 335

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN88eBY_K73UeoonKUdFHW4&google_cver=1

Request Chain 337

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

Request Chain 338

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=55851cb9-2b78-41de-82c5-3741697a0521&ssp=onetag&gdpr=0 HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 343

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

Request Chain 345

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=9151607127440319276

Request Chain 346

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5991c293-fdb1-47f7-8b2e-7b2ed0bc47d0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1

Request Chain 351

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=6e69714f-4e78-0d23-0d18-b84502769743

Request Chain 352

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-LHJdPshE2pdMAQxlCKGya2GPQxuPZeiN6A9y~A

Request Chain 356

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=7772982b-b393-4343-9871-06b288e8b54c

Request Chain 362

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=e3707cb1-3f6a-4e6f-9166-acd9967ce73c

Request Chain 363

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=0&gdpr_consent=

Request Chain 370

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 373

https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1YN- HTTP 302
https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=9151607127440319276&us_privacy=1YN-

Request Chain 374

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LIFGDKTP-25-DSTK HTTP 302
https://u.4dex.io/setuid?bidder=rubicon&uid=LIFGDKTP-25-DSTK

Request Chain 378

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=1&gdpr_consent=

Request Chain 380

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9151607127440319276

Request Chain 385

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

Request Chain 389

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIFGDKTP-25-DSTK HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LIFGDKTP-25-DSTK

388 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ainw78r4 Show response
pastelink.net/ 29 KB
8 KB 593ms
275ms Document
text/html 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

7715becf53af5ec08ec32c3766be0c834e03882718742e6f10c4c2fb7178a75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 03:47:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 435ms
148ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 03:47:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 03:47:05 GMT

GET
H2 200 styles.css
pastelink.net/assets/css/ 121 KB
121 KB 181ms
180ms Stylesheet
text/css 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/css/styles.css?q=36

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ec237517566b85a5797425cebe748d7248a7d8c698bdb113f9615946b7434a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/ainw78r4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-1e436"
content-type: text/css
accept-ranges: bytes
content-length: 123958

GET
H2 200 jquery-3.6.0.min.js Show response
pastelink.net/assets/js/ 87 KB
88 KB 363ms
363ms Script
application/javascript 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/jquery-3.6.0.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/ainw78r4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-15d9d"
content-type: application/javascript
accept-ranges: bytes
content-length: 89501

GET
H2 200 script.min.js Show response
pastelink.net/assets/js/ 41 KB
41 KB 157ms
157ms Script
application/javascript 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/script.min.js?q=36

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/ainw78r4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-a225"
content-type: application/javascript
accept-ranges: bytes
content-length: 41509

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 2 KB
1 KB 424ms
140ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 28617568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 772
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-6d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQVXVIXSkv0o5yCM5WBeR1pV90ZvaxxATYRS6NtDGOCQpS8u5zbPN4xe57jiJkkDPrp2mn0JFIV%2BFsVQXa49vTV9PwaHRDHDO9PLj53%2Fuf9vIHk705JnOEzvi3YGfVo5j39VYzb5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d14f3e71b785c80-FRA
expires: Thu, 23 May 2024 03:47:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 779 B
437 B 434ms
149ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Aboreto:wght@400&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

eba2579372e73b41f91acb7b0e9c305594bdc1dec04ceb67197fd6c1ed8412aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 03:47:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 03:47:05 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 906 B
890 B 444ms
145ms Script
text/javascript 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

69cb4bfebd43911228905122f2bfef5151d517fe9927836bb2315574a19498be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 570
x-xss-protection: 1; mode=block
expires: Sat, 03 Jun 2023 03:47:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
70 KB 456ms
146ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d3ddd33ae3966c65f18a2fafa1745ff8091fcf835b2a04dcadb1ca71b76127a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71011
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jun 2023 03:47:05 GMT

GET
H2 200 pastelink.js Show response
cdn4.buysellads.net/pub/ 538 KB
150 KB 446ms
138ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 87d9185e6420ea49cfdc302186098ee24927973c5371b2cb728596623fadec6c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
content-encoding: gzip
last-modified: Sat, 03 Jun 2023 03:13:32 GMT
server: AmazonS3
x-amz-request-id: ZS9R8H13JH473EG9
etag: "e7d9b9a5eee24d3361bc867c20184987"
x-amz-server-side-encryption: AES256
x-hw: 1685764025.cds265.fr8.hn,1685764025.cds149.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 153622
x-amz-id-2: qinAli3DitjUQLV87pmooBVss/V2lhbqdjmJtU/FPfXDxJW43n6DX+ycXAoQesO+nfkmaQnTjrg=

GET
H2 200 recaptcha__ka.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ 442 KB
167 KB 450ms
134ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__ka.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

711c35af5f7b272178c789afc368d666a478bcff8123cb8e814242cc855be756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 May 2023 13:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170369
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 13:20:17 GMT

GET
H2 200 debut_light.png
pastelink.net/assets/images/ 4 KB
4 KB 156ms
156ms Image
image/png 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/debut_light.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-10c8"
content-type: image/png
accept-ranges: bytes
content-length: 4296

GET
H2 200 pastelink-logo.svg
pastelink.net/assets/images/logo/ 3 KB
3 KB 157ms
157ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-d3d"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3389

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 arrow-down-blue.svg
pastelink.net/assets/images/ 239 B
409 B 155ms
155ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/arrow-down-blue.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-ef"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 239

GET
H2 200 moon.svg
pastelink.net/assets/images/ 2 KB
2 KB 154ms
154ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/moon.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-62e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1582

GET
H2 200 public-black.svg
pastelink.net/assets/images/ 578 B
748 B 155ms
154ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/public-black.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-242"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 578

GET
H2 200 social-spritesheet.png
pastelink.net/assets/images/ 28 KB
28 KB 160ms
160ms Image
image/png 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/social-spritesheet.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-70de"
content-type: image/png
accept-ranges: bytes
content-length: 28894

GET
H2 200 logo-bg-90-tl.svg
pastelink.net/assets/images/ 2 KB
2 KB 161ms
161ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-bg-90-tl.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-933"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2355

GET
H2 200 pastelink-logo-contrast.svg
pastelink.net/assets/images/logo/ 4 KB
4 KB 161ms
161ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-e31"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3633

GET
H2 200 logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 4 KB
5 KB 161ms
161ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-11c0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4544

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 448ms
136ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 18:06:15 GMT
x-content-type-options: nosniff
age: 121251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 May 2024 18:06:15 GMT

GET
H2 200 5DCXAKLhwDDQ4N8bpKPUAg.woff2
fonts.gstatic.com/s/aboreto/v2/ 15 KB
15 KB 516ms
205ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/aboreto/v2/5DCXAKLhwDDQ4N8bpKPUAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Aboreto:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

8755c709d7487eb939f907d404d1f752a17587c92d61aa6ebdcaa42387699a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 22:32:28 GMT
x-content-type-options: nosniff
age: 18878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15324
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:22:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 22:32:28 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 544ms
233ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 May 2023 06:24:35 GMT
x-content-type-options: nosniff
age: 595351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 06:24:35 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 460ms
150ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:41:35 GMT
x-content-type-options: nosniff
age: 561931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 15:41:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 431ms
138ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 02:35:30 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4296
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 03 Jun 2023 04:35:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 147ms
146ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

593b722e4095ebaa09ec7b8db338e9c117d138004cf566c73b72732a3868391a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 03:47:06 GMT

GET
H2 200 tag Show response
btloader.com/ 22 KB
8 KB 447ms
160ms Script
application/javascript 104.26.7.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3a9821ec1a4a4030cbbcb0096ede6904ef26cd2d797fa218e700583bf05d31

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:06 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Jun 2023 03:05:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2498
etag: W/"7e0a92e42bdfb7adc927a0e8d1039ab3"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbdzGNdGyvB%2Fd3WaHWchR9IzeSXWZYLZL6pCqPV1cZUB7WhCCBaxuMUnHTZ6%2Bz2VCSXYcPr1S0jN3MbLObQ35yMRLStTP%2BX22yHLGyX9uvpNn%2FgyNVe14YTDjO8r6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7d14f3ee78c035f4-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
25 KB 456ms
173ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e747d662e395b92feaec803e95f773f4d9d627df5fc556599f29fb4015bc494e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25281
x-xss-protection: 0
server: cafe
etag: 491 / 19511 / 31075020 / config-hash: 2362657388836249790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:06 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
287 B 138ms
137ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=6.333368457305505
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:06 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: J04VQJ53QFZS83JH
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1685764026.cds265.fr8.hn,1685764026.cds232.fr8.c
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=129
accept-ranges: bytes
content-length: 43
x-amz-id-2: Fz6NTnGbSrS4GMPvMN8GykSU5NUhLgjNs81erpMQEOAsRGD6+rdkGA151nwHAlMxxmIn8nUqZ78=

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
102 B 139ms
138ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=6.333368457305505
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:06 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: J04VQJ53QFZS83JH
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1685764026.cds265.fr8.hn,1685764026.cds232.fr8.c
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=129
accept-ranges: bytes
content-length: 43
x-amz-id-2: Fz6NTnGbSrS4GMPvMN8GykSU5NUhLgjNs81erpMQEOAsRGD6+rdkGA151nwHAlMxxmIn8nUqZ78=

POST
H2 204 collect
www.google-analytics.com/g/ 0
169 B 251ms
224ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je35v0&_p=281023327&cid=950220863.1685764027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685764026&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fainw78r4&dt=10%20Top%20Mobile%20Apps%20For%20Small%20American%20Fridge%20Freezers%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
329 B 430ms
143ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 593933
x-guploader-uploadid: ADPycdvro_DwRxT_Br0Skpvaw8cpnJbx6bo-pAn6xAmjgFTsIdShyUilOSMOPi8r905kHylNuwuT1giagd7eelg0YwsAFQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu%2B2Y2GC5sbzEvrTk3nzJvIU0Ly9OqdoaW6rDnqlASxJoG35wQNILC%2B8HMG%2BRbCZD2kTzyhpD7Q7xk6RNVOUs%2BSYP1g2kjMdAODadhly2OpPQ5VvIMcz0rm2gpIa%2BjszNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7d14f3f15ddc362b-FRA
expires: Sat, 27 May 2023 07:22:40 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 429ms
135ms Image
image/x-icon 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 17:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Jun 2023 17:17:35 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
919 B 427ms
140ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.19895665448106858
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 593933
x-guploader-uploadid: ADPycdvro_DwRxT_Br0Skpvaw8cpnJbx6bo-pAn6xAmjgFTsIdShyUilOSMOPi8r905kHylNuwuT1giagd7eelg0YwsAFQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIhoaaL2Gv0vdGzHrTfqJYRyucFN5R%2FKC%2BO5Yf9AePX%2BIq14JkoEsulXUiM9pWXGqh4wu6AM%2BnK8uSnvrq5X933hpZYQgosm6SyBzow%2F%2FyUxBjmOTuOa2i5iVqBZXxtxZA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7d14f3f15ddd362b-FRA
expires: Sat, 27 May 2023 07:22:40 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
93 B 150ms
149ms XHR
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=281023327&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fainw78r4&ul=en-us&de=UTF-8&dt=10%20Top%20Mobile%20Apps%20For%20Small%20American%20Fridge%20Freezers%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=610352175&gjid=1835230362&cid=950220863.1685764027&tid=UA-55088947-2&_gid=141431920.1685764027&_r=1&_slc=1&gtm=45He35v0n8155WHPWQ&z=607432478

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/ 406 KB
126 KB 424ms
136ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7e36af7b80897b61ec68d3c4e222b6367a4fea0143dbca2c6884aa4623feb040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 10:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63433
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128353
x-xss-protection: 0
server: cafe
etag: 2840082887590536516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 01 Jun 2024 10:09:54 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 72 B
601 B 427ms
143ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9613f838798d1aed5da373796f9180a1531b4670d6762a7db38dde12ae032934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:07 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 546ms
256ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 45b5465229b3d2f0348a4cfcd69e52df10b6059122d41cff6f9854a30bf111cf

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:07 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 540ms
251ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=7TK5wBvZYl&w=5093624318001152&o=5102648370397184&cv=2.1.12-7-gb1eec29&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Fainw78r4&sid=GVBw7uzOb&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 03 Jun 2023 03:47:07 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 CWYD627N.json Show response
srv.buysellads.com/ads/ 930 B
689 B 672ms
219ms Fetch
application/json 104.131.3.131
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=499288&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.131.3.131 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ny-25.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 90bb9a38c12c46bb7f9e0977218ebc65667c33895ebdc7af1014faf064ecfcd0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 552

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1010 B 425ms
141ms Script
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:07 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 735163
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tNYRDFa9lOCl1F4KXrtNVn0PvBefw6%2F1lv%2B5StkLy3lVzWW59wpcNLbJmEtiRg7WEEp2XvKgGFY%2F9QbyUpc4v7%2Bxx1H%2B6ha%2F0eNSKuDVHi7fXosGD%2BiHsQGBc7Pv3eE"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d14f3f65cc26916-FRA

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 59 KB
21 KB 640ms
341ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28b20a6696a36e540bdbc0a6f989b7e93ab0c66d30cbe0af32d1d3d762adb2c6

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 03:47:08 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 98 B
429 B 497ms
159ms XHR
application/json 34.243.181.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=611
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.181.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-181-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 19d7bb29f100cf81601e827d2c47694eb4374461c541231a39567f000acc3781

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Jun 2023 03:47:07 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
501 B 420ms
137ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://pastelink.net
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
mp.4dex.io/ 173 B
1 KB 446ms
158ms XHR
application/json 104.18.2.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6576f8090223084669dfe00c4dd48db67a9745a34725fc5a16488e593dfb2e9

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Sat, 03 Jun 2023 03:47:07 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456, Process Seats Booster. unable to get the seat booster engine for organization: 1116
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d14f3f6883c18c5-FRA
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
5 KB 657ms
223ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fainw78r4&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fainw78r4&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=0246b1ac-8d6d-4a58-b1c8-38712f503681&l_pb_bid_id=283e789608bbe4e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.12786685647738083
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1209e8df955092339aeba999cf8c3a80ba1903dee546f632bac2542e3a198fe1

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
5 KB 658ms
225ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fainw78r4&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fainw78r4&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=b30722b3-0e51-498a-8f1a-e8b141a90588&l_pb_bid_id=2937de0e268907f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.5140775056108424
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 54bd2622fe309bd6559c1ef6ef8b23af2732d7bed7b9a719d7888ebdf3e992f8

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 425 B
740 B 656ms
223ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fainw78r4&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fainw78r4&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=689f4e8c-11f5-4b53-818f-02f5d29a0c40&l_pb_bid_id=3045fb5098bb98d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.1045745284723143
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b8a04e09c35af2dbd3c709452d04a7eb17ff5f3552300703b2799ee2c9066c86

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:08 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 425
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 429 B
969 B 635ms
204ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fainw78r4&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fainw78r4&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=3cfea37c-9cfd-4484-8d41-1471c7fe29bc&l_pb_bid_id=31d20cad405395f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.7483927192098945
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ffb6d0e1885823ebb03b07088deb27ed7ee1f676694f51b5e08730ff282a9130

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:08 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 429
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 496ms
196ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastelink.net
date: Sat, 03 Jun 2023 03:47:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 2 KB
941 B 453ms
162ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fainw78r4&PageUrl=https%3A%2F%2Fpastelink.net%2Fainw78r4&PageReferrer=https%3A%2F%2Fpastelink.net%2Fainw78r4

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

c508d41fa81abac03815dcbd5dd40d3230e463c0a97b6eaad09ca3e8033244f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Jun 2023 03:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 19
content-length: 481
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 55 KB
19 KB 625ms
339ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bd9266972f4458fcbaa9d5df1411763e6a604760e1b00ce7924285bfbcc44e96

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 03 Jun 2023 03:47:08 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b6e06c17-6b5b-403f-acc3-5290797403a9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pastelink.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 462ms
149ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.43.0&cb=58846571480&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastelink.net
date: Sat, 03 Jun 2023 03:47:07 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 572ms
214ms XHR
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 6420465ffff2c0b8e84f01b8698179fea1ec3dbe6b96eeba4dd5a1e00c17b28f

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:07 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 832 B
2 KB 566ms
209ms XHR
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 78cbbc7d0adde704bf4055cd69c9e0babbe82c098095a14e2a134e107bf00d04

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:07 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 560ms
204ms XHR
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 0b6ec55549de7de68f78072abb5e89be3c66db048b22bc23b21c43aa8ba6fd9c

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:07 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 560ms
205ms XHR
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e97356a6e1eb188d0f66c77637f081fbb7c337b5288827a7e6a36408cc26ccdd

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:07 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 958 B
2 KB 570ms
210ms XHR
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: c5f7b5460c36d5936a9c0890fbbff985686059cddb7b31d6b42d6d121cb8890c

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:07 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 418ms
147ms Fetch
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:08 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2408118
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPd0sQ4it1DN0MpkuVI2%2FU8EU%2Bri4W71PUb4Rii2hI4gqk4NSjnXv%2BFeHIXZ6Ki8D0a1P0s6AwW8PmmPP2u9%2FUFBNzfmP419eIt1%2BNyx4HevMBkSxJYOM7drpN%2BFM6H2"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d14f3f8ea03994b-FRA

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
531 B 471ms
182ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=pastelink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 424ms
145ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastelink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 93 KB
16 KB 326ms
325ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2139559599567410&correlator=518446424808494&eid=31075020%2C21065725&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=840525636%2C3944560474%2C3798138915%2C1897443797%2C1230872867&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_creative%3D2249%253A495522629%26hb_adid%3D7364fed27d1324%26hb_bidder%3Drubicon%26_bd%3Dbid%26_pl%3D0.02%26hb_size_appnexus%3D970x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D6759a053bb0ad7d%26hb_bidder_appnexus%3Dappnexus%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D7364fed27d1324%26hb_bidder_rubicon%3Drubicon%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_creative%3D2249%253A495522629%26hb_adid%3D749e5a2038cbb41%26hb_bidder%3Drubicon%26_bd%3Dbid%26_pl%3D0.02%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D68e74efc9dc5cb8%26hb_bidder_appnexus%3Dappnexus%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D749e5a2038cbb41%26hb_bidder_rubicon%3Drubicon%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_creative%3D16243_16_489137002%26hb_adid%3D7565690f3f9b001%26hb_bidder%3Dmedianet%26_bd%3Dbid%26_pl%3D0.01%26hb_size_appnexus%3D120x600%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D695919fbcfee174%26hb_bidder_appnexus%3Dappnexus%26hb_size_medianet%3D300x600%26hb_pb_medianet%3D0.01%26hb_adid_medianet%3D7565690f3f9b001%26hb_bidder_medianet%3Dmedianet%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1685764028381&lmt=1685764028&dlt=1685764025101&idt=2413&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C345%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fainw78r4&frm=20&vis=1&psz=1600x-1%7C705x424%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=950220863.1685764027&ga_sid=1685764028&ga_hid=281023327&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

683b147c774e235519c6d398fb8a26f766755df6c82761780c96dd1e11f2cd9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16219
x-xss-protection: 0
google-lineitem-id: 6242989371,6242989371,6244825801,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425476193,138425476163,138425476187,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 444ms
156ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

48ed2c6d3ef6649f999073af402435bcd95124782769fc15e281fbb9363c9441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11151
x-xss-protection: 0

GET
H2 200 container.html Show response
d76d6cdd8769bd7fcf9cb73f68deb2c2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CDE8 6 KB
3 KB 462ms
152ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d76d6cdd8769bd7fcf9cb73f68deb2c2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 03:47:08 GMT
expires: Sun, 02 Jun 2024 03:47:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/ 37 KB
13 KB 136ms
135ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl_page_level_ads.js?cb=31075020

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

84b074e376918a479145a8c4893f03bf47bfd37d95feb79e7f9874bbb1322c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 10:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61728
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13051
x-xss-protection: 0
server: cafe
etag: 18347022923756847196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 01 Jun 2024 10:38:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6D7E 0
0 177ms
177ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8KsCBurPKA3Pk9ielHjb1LnLB3StwR8Bmtm4XvcQet_WngM3bfZVemvSwcUqcHGDY_X7xWf5iTvMPxtM2RXm6TSEQJ57dPr4GyRm2QAyYRIfBaQiniIpZ23bW2s3gY3YZJQUirCFJQuJQp9K47OEVMc4x3b2sejE3Wf0sd8nRraH1piAukvONWbz1sDIWHU2YMC4MS5eHJjaqyUOD9oBF0R8r88nRikf5NAUj2QrQPPyvU-JgmOy-a6TPSTekapLi327pMEgMf3d8SBdlqLExKwGCJiCPPfq_jK9Gckb_Fg8PVPd1iCFfVGld5buCDSS2IRD7gOqyGsL4kDomfDYIadE&sai=AMfl-YQZ62pL7GZ5RueuFhWuTryFIYETHLIDeNfXOWinquvgtVtoh8v-j9pwKQdOpMnH0wo-3rbsB9vyq0c4BfnyAxum4_YZfW3NcNJUhivbD03ACvOCd5N4v_AEespJ46WbuRvacLzK4Flzh2lNoXAi&sig=Cg0ArKJSzD46QEKVC5HpEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:08 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame 6D7E 26 KB
9 KB 138ms
137ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: e417e17ee4f36fa52cf13a91cbf4f3b65b0c896dd1e50c93315037a43e7011d8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
last-modified: Fri, 02 Jun 2023 18:56:23 GMT
server: AmazonS3
x-amz-request-id: RB3JYN17YAVTWZ6K
etag: "658d5742b0fccd40a316f308b025b02a"
x-amz-server-side-encryption: AES256
x-hw: 1685764028.cds265.fr8.hn,1685764028.cds248.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8892
x-amz-id-2: Lpt+9lnHe9KYLbRxsknnPnYbZa/VDqBl1972VhrXHuBFBcfOe4+ESgyVuRHaGuHhOJkuFLXIOgzhfRo4+P0BwQ5yLyqbHHpiVl/iSddjmVE=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D7E 171 KB
53 KB 156ms
154ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3BA9 0
0 184ms
183ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBU4SeOpXSGw-TG4OY96Rrx01Nw90ZudVaqvafxop8aJSa40d6RKimbjV0aYjuYDcKX7JG1RE29SE4nQ3LPW7qyTpBFU0s1BlMOWW8Kq5vpl2yKbYnkG5aUE0yXIMQqflPXW22fkBntE1xKD848GXPnRUzacA6CYHLXPAdneE6eO1Irhpa7t_Z2meFR74g-mNQB714aQ5gJ4TMztT0REqQx8byAt8f3kvjg7RY-8m_i_DK2kaN13WdFaBPQ2z0-hCIRtsGpqOmj7kZYQjZkZgdQyWW3a1c1dYb52nuIuFMeJAwiA_XeJmtLVNsxvNvE4c2ttbfSIrt_YaKqeWh44oe96Mxotw&sai=AMfl-YQ-xBnMVQrO_rjSBr9YE4ZJwveg90UUi5yeQT47UXTCLcip7YeZETcsMe0AdVS9PvZ7OOS6_Pius94sGL30xxwbqmROIsZiw3f9oZq3-_fXb20C-5m7ifzKxJP8Xw9yLCKpri-cJjtz-EioEurp&sig=Cg0ArKJSzILWI-BUmR9tEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:08 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame 3BA9 26 KB
9 KB 137ms
136ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: e417e17ee4f36fa52cf13a91cbf4f3b65b0c896dd1e50c93315037a43e7011d8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
last-modified: Fri, 02 Jun 2023 18:56:23 GMT
server: AmazonS3
x-amz-request-id: RB3JYN17YAVTWZ6K
etag: "658d5742b0fccd40a316f308b025b02a"
x-amz-server-side-encryption: AES256
x-hw: 1685764028.cds265.fr8.hn,1685764028.cds248.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8892
x-amz-id-2: Lpt+9lnHe9KYLbRxsknnPnYbZa/VDqBl1972VhrXHuBFBcfOe4+ESgyVuRHaGuHhOJkuFLXIOgzhfRo4+P0BwQ5yLyqbHHpiVl/iSddjmVE=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BA9 171 KB
53 KB 229ms
228ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9791 0
0 175ms
174ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskxDwwB4Lkx7JEqU5TLaellcI6L3DdW2Hcq8bRpbLVDnzNsygUHqrHCHaB6MlMU_IdN18kPtnJlMHRYmCcvzy2YbjZRwSZTt6MhGaVr3ClqyeXAG62pEQGa-iSMx77zvP9BpxZj_2gw8mNv3VebqhfeOFd2ZU_-9Gn5WJoeMRkKba2WAzql8FRuWOLfiH6a2Anm_USuU8N_N3u6T-ONnBeY8dSRzsDOX-fGhTkIs89PuRYsZtBVyVTKNhtMduU4I5totzuM-5OT343RLin6EB_0QeL8ml29CA21xxExQX2LR5P_sCYG3nQI32Vux6DKP65UWh-SVSTKsulZOzooA&sai=AMfl-YSjFyxTkUaa_CeqBasC4MP-d7zKrtA9saQGAbMYdHNy1KrwIohK0YBFZf-QesQ-Jayi2CA6r9zU27MateJhOatvWKqzM0LUbf1hXAxX6NSKSjym9i8jVqOXLHHTQyvk3Ar8iKfmDIZ6EBJFNOUz&sig=Cg0ArKJSzFoQPitbZTwVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:08 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame 9791 26 KB
9 KB 139ms
137ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: e417e17ee4f36fa52cf13a91cbf4f3b65b0c896dd1e50c93315037a43e7011d8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
last-modified: Fri, 02 Jun 2023 18:56:23 GMT
server: AmazonS3
x-amz-request-id: RB3JYN17YAVTWZ6K
etag: "658d5742b0fccd40a316f308b025b02a"
x-amz-server-side-encryption: AES256
x-hw: 1685764028.cds265.fr8.hn,1685764028.cds248.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8892
x-amz-id-2: Lpt+9lnHe9KYLbRxsknnPnYbZa/VDqBl1972VhrXHuBFBcfOe4+ESgyVuRHaGuHhOJkuFLXIOgzhfRo4+P0BwQ5yLyqbHHpiVl/iSddjmVE=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9791 171 KB
53 KB 345ms
343ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 438ms
147ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 03:47:09 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 186F 663 B
839 B 454ms
147ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXMl_GhgKmsj2QicK87QZ-B-4oripVNGxAN6_v3UcEpVwnsjyLStFLtNClVE0gR3dSvJy8rfVTiNuPJhUakiUSS5UeDaw

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 03:47:09 GMT
expires: Sat, 03 Jun 2023 03:47:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6D7E 78 KB
27 KB 430ms
154ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D7E 42 B
63 B 602ms
327ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CnqhF-7apAai1FoLufRyL4FgHkh3nA33voysI1qFoVm-zwcsPQoavD5QJTli4DacdCK-webnKgGidIYGh3a0-EcTwqaEOQfmKPZ8wPJ2GioNU2OUs

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D7E 0
20 B 597ms
322ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=642482739479847369&x=8&ct=2

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 19c42e09-5ec1-4bfa-b85b-de06d31f93da
beacon-fra2.rubiconproject.com/beacon/d/ Frame 6D7E 43 B
227 B 572ms
131ms Image
image/avif 69.173.144.152
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/19c42e09-5ec1-4bfa-b85b-de06d31f93da?oo=0&accountId=18812&siteId=468716&zoneId=2765554&sizeId=2&e=6A1E40E384DA563B472B4DD89109D2B7E2DF0DB24B7ADFA4321DA486BBD24F9D28E48089A9A6F8BD5D91629BB0CDFC0E6D748C0D8D7FAA22297952A1DE87890D7E08C39EFFA8C44858F3483D31C5FB579237057FC271A37B1520A6D055085428426B6FD11C0F3360F4EF28738F5342FE1364222071679B60C3547147C2C52A13F8173AA165278123CB8B6715ED33BB3F4090FB3DD125BA4DD554346FEEA74F58E90E0001080F275000A21340809609735D415A130F62B234E82A954C1004678A

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:08 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4C15 663 B
519 B 451ms
149ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXDOlTVxCrjRbZFZYZ6Vd9Csbo3Sxmu05126HFJ8PeS96ZM8mM3mm1SwRjV6ZFO-YbUrIo_Y40D7Ya7IZ1wWa62vnd4bQ

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 03:47:09 GMT
expires: Sat, 03 Jun 2023 03:47:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3BA9 78 KB
27 KB 500ms
236ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BA9 42 B
63 B 589ms
325ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNmgY5lcR_bUryfKyJAnYREhfnZoGJcRQoluk5j27IkxP8tkpenEq44GjFyN8m9CDeA-qtZDECsbGC4zw-Q86DQt1AbSBMUC81U1O30Ud9EeG0CO0

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BA9 0
20 B 590ms
326ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1974257255291366749&x=8&ct=2

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 62f0534c-678b-421f-8883-05e19eb6cabc
beacon-fra2.rubiconproject.com/beacon/d/ Frame 3BA9 43 B
75 B 561ms
133ms Image
image/avif 69.173.144.152
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/62f0534c-678b-421f-8883-05e19eb6cabc?oo=0&accountId=18812&siteId=468716&zoneId=2765554&sizeId=2&e=6A1E40E384DA563BCA63C13FD34FF1CCEEE76605D1002137B7DE3A674B57362A421F14B207A7E8D885618DA195E1EF84172DB22D3B21A9B50901415A3F3A45127E08C39EFFA8C44858F3483D31C5FB579237057FC271A37B1520A6D055085428426B6FD11C0F3360F4EF28738F5342FE47A04203CF4D0A4CFE8B0AE3580A11A6A75BAB7B50C50C38649504B0D0B1501B80697A836C87901B4AF49560D06FDA1FAE1664A2E0A9F57C7F3F8F1BF45A2376B314CCB945AFE8BBCDA10306204D320B

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:08 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK creativecop.js Show response
cdn-copclient-w.media.net/cc/ Frame D0AE 61 KB
20 KB 529ms
221ms Script
text/javascript 23.216.244.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.244.55 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-216-244-55.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3e9c4be475b39f87c974ec496eda84ebdc28d903bfe6e398860e953d61b7d653

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: max-age=604800
Date: Sat, 03 Jun 2023 03:47:09 GMT
Content-Encoding: gzip
Server: nginx
Vary: accept-encoding
Content-Type: text/javascript;charset=utf-8
Cache-Control: max-age=1800, post-check=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 19998
Expires: Sat, 03 Jun 2023 04:17:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0AE 42 B
63 B 570ms
322ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AnMJPPTu-Wv5QLvlZ0AIhBuczvhjaqyadcC8YQhSdn1DAfoNS_ze8e7OKWqZKZw-A8no2oML-YDbZIIgf7SC3qtoeXDMDn8g7GHpSmeq1HBj4Dkb8

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0AE 0
20 B 569ms
322ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14691629281178225981&x=38&ct=119

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D0AE 78 KB
27 KB 580ms
335ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:09 GMT

GET
H2

200

adview
adx.g.doubleclick.net/pagead/ Frame D0AE
Redirect Chain

https://ghent-aws-fr.bidswitch.net/imp/0.011/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RChtEbvLd6ZN2pAoKD9fgPy__m2yA7Cvf2vcLzF8vHsEZEvEAEgg__3mH2CNAsgBCakCuHfyXPX2sT6oAwHIA5sEqgTsAU__...
https://adx.g.doubleclick.net/pagead/adview?ai=ChtEbvLd6ZN2pAoKD9fgPy_m2yA7Cvf2vcLzF8vHsEZEvEAEgg_3mH2CNAsgBCakCuHfyXPX2sT6oAwHIA5sEqgTsAU_QJlFQInDqigIczwlbc5XXcdRTMZJCTSbpzoBk9W4FIbzr7gi2bhYZ9wl4f...

0
0

467ms
180ms

Image
text/html

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.g.doubleclick.net/pagead/adview?ai=ChtEbvLd6ZN2pAoKD9fgPy_m2yA7Cvf2vcLzF8vHsEZEvEAEgg_3mH2CNAsgBCakCuHfyXPX2sT6oAwHIA5sEqgTsAU_QJlFQInDqigIczwlbc5XXcdRTMZJCTSbpzoBk9W4FIbzr7gi2bhYZ9wl4fb00V-IH-_Uj42aH9FW5TDO8E8mYqEtccaxhHxtjgZBkphm_STWJMunv2VIsId8R6iYgSYqdyjveXZMiM_ESk4fE-6FcZJgDyYbutzlC_PP6ryKitv23MZBlqWXLV6jLugtxJwog5nHxUFFCvm1ubpYM6JOOmPKISshGAVbS3lU_V8zu5MsWpJzYZscDFz759o5IHwbXK02m6Tpa00Z-sankUiRqr1CP-VdeneJ0SAh4gZMhUyu4CCHqSzxI16f2wAS5gLvcoQTgBAOIBauOv-NKkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ3gAeM4uO6A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJENpWGOrGnukB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBliaWRkZXItbWVkaWFuZXRfOENVMTg4MzFJgAoEyAsBsBO97rMTyBPbsMXiA9gTCtgUAdAVAYAXAbIXCAoGCAASABgA6BcF&sigh=2UdLn9dJYTY&uach_m=[UACH]&pr=38:0.011&cid=CAQSGwBygQiDEMJRO47-UFINQa-ln2zdFIw-RHoZoxgB
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: H2
Server: 216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location: https://adx.g.doubleclick.net/pagead/adview?ai=ChtEbvLd6ZN2pAoKD9fgPy_m2yA7Cvf2vcLzF8vHsEZEvEAEgg_3mH2CNAsgBCakCuHfyXPX2sT6oAwHIA5sEqgTsAU_QJlFQInDqigIczwlbc5XXcdRTMZJCTSbpzoBk9W4FIbzr7gi2bhYZ9wl4fb00V-IH-_Uj42aH9FW5TDO8E8mYqEtccaxhHxtjgZBkphm_STWJMunv2VIsId8R6iYgSYqdyjveXZMiM_ESk4fE-6FcZJgDyYbutzlC_PP6ryKitv23MZBlqWXLV6jLugtxJwog5nHxUFFCvm1ubpYM6JOOmPKISshGAVbS3lU_V8zu5MsWpJzYZscDFz759o5IHwbXK02m6Tpa00Z-sankUiRqr1CP-VdeneJ0SAh4gZMhUyu4CCHqSzxI16f2wAS5gLvcoQTgBAOIBauOv-NKkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ3gAeM4uO6A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJENpWGOrGnukB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBliaWRkZXItbWVkaWFuZXRfOENVMTg4MzFJgAoEyAsBsBO97rMTyBPbsMXiA9gTCtgUAdAVAYAXAbIXCAoGCAASABgA6BcF&sigh=2UdLn9dJYTY&uach_m=[UACH]&pr=38:0.011&cid=CAQSGwBygQiDEMJRO47-UFINQa-ln2zdFIw-RHoZoxgB
Date: Sat, 03 Jun 2023 03:47:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

cksync.php
contextual.media.net/ Frame D0AE
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=medianet&dsp_id=16&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=medianet&dsp_id=16&imp=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&google_hm=MmJjNzdlYzEtMWI4YS00OTJhLWE4ZTktMTNmZjk2MmQxZmVj
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBa2cVG06bupzrlHGNZRLgI&google_cver=1&ssp=medianet&bsw_param=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=&gdpr_consent=&gdpr_pd=

61 B
635 B

299ms
218ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:10 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:10 GMT

Redirect headers

location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 03 Jun 2023 03:47:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK medianet_bid
ghent-aws-fr.bidswitch.net/win_notice/ Frame D0AE 43 B
168 B 702ms
139ms Image
image/gif 3.125.92.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghent-aws-fr.bidswitch.net/win_notice/medianet_bid?rid=PmZbc0WMHxo6rZXU8qDECOLXHbRJsO301c0Op0H8GHUrPhd34zsyk6vSBW1xkKqN7bMB2z2LbHe9wan-iox0xjNoh0ie4-QqHNd8yzQIZpacz2H8Qd8sptcuWPYrLSnWB7EtX9Mi-aEh6e0Vty8q77VvzoMlVbmtZWmI_7jtL4rFeFPQ7kIG1HPLSjUBXy64YXXgHyb-F_AxxnyXa5ZoXhHDc6mHA8lRCHXAfj9WKJ4gJC5OHqEJnFtu3sNDrXUtZyf1dQ0sRMIRBabi240r5tOb2oqMzwjwZ8ZhzsCVqqGyAbcP_pctgYPvjrJ-mwzFhje67GC_9sh4MIvoirgCDRqTMGWJ1luWizlHAogOyM6TEIhe-6p0sj-cE7azdsOUoRIL9exKlqqSd_pxgsdubzJ4q7N5ZPwmLs7fY6kR0DPb3DQsksz3gJFYBn-23Zn3xE6c2V9yTonG_eJ1BMfCZCVQ2SrZuAEdWwdmgO2EviRHpmN-nE5ucKnBwJCIrQDOwu5xmC1WO9Ipa_SdRXJrfF8DR5E5uWwUwi_70CIxqWskf1wf8_VIXIEqOgsONVab9HZHGk5Cw-5YXaX6mVYULuAi-R6ObGw56-kt_VTQq8jm7tRXR6XErznu-5w0Rp48qYxgzy_cpwhbLjb0MUbDC_e6ROM1Nw_z9QQCFhTrVsSHAhwTAih7_uTxjv_tWrBgYGsdqAhJlYwL6Lp-OBaW4J0XxzYdHoRGy5vvlGx6gpSRV-64Py0eHrZ5a-VjZJB5oNYmTA8UuegS4kIQtD23Z-oR9rBmUJjkB68-2Py1ZF4lXvgv5Xbc-mkmtz6RtGsWHZZ0eWV0EJ60gT9PKos88HZ3MzZxKNP2Is5IT8Q6u1BwFVRM-U_wHhpRYmz9_rwHK2vM-_MYKuDi3HUTYRuoW8AHfDg_Z24HR8zgoauNNjsW44zxBPTAEiASByg-YqX2KfPgt965pDqUNdoZml03zsc1pVSoLS9U1YOOHD7JpJ_x2zP6_FaZO2jR8VtPxa5W0NjPvS4pkofyf9H5goy8nfCUnbPb3aDoQSb6xCd4BvgT1NQ6V-wNPf_Zg46PtixBfaxywxVvGhKgGmWWslsu1FcBGQAHAh_YcbPCnyXrpcleEUHOB7QLj3wm1nu8WhSr5qi1WDQpAw9fCqEIx3X8sBVrbpAQmyvtOK3zhdmBcMT3XZtcnf077VQuyYdhx-vZjCrmW_S7aQE9-zDcX6lqBjPNpZ183PcTScj6za9r5a3yYUNBzm5msyGDm-1DJBdCfIDsPG3pqmr39SZiSBjgwboE7N10cLASbEGmt0YQGUkVqsv_9m8oB97PLoCNbyRzBa7UwSuIth2LAMrsGy-F6c8KuTs8mwIQqXMG-iix8SI_HWIucHXgp27j4WubfzMan_Mm7OtXTLtQyR56wEHAQ8U3YGPJBAy5DqmqabpY8O-WbUg2pJtyPaSQUVkOMRm9wJbtsE3ZcLU-ed7vkKKMM22c9Jgv064fTXvQjTkCqDM19v1NPZEB981Cbh_lSH2P1yoETgHnHg7JovirOgWEWUNP9HLrJ-1k1vBHgEDe7dk-BdDBLFxe7P3HbME1mFp_zH6ExnqEwNoEgmtIiuwdRVpsUeTo&p=0.011&aid=
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.92.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-92-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:09 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame D0AE 35 B
296 B 474ms
139ms Image
image/gif 23.216.77.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=prod&bdr_typ=3&ss_d1=1600&ogerpm=0.0000&ss_d2=1200&stid=bsa-zone_1675868324828-7_123456&content_context=-1&content_channel=&other_prv=203&jar_err=&current_day=6.0&adtyp=0&req_id=1d461cd5-8456-42a9-97bd-62a6b7732a64&bd_m3=0.0000&bidfp=0.0000&bd_m2=0.0000&pvag_id=843336142&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=10.5892&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=4&floor_bucket=0.00&gpid_format=&seat=16&rc=1&size=300x600&url_l1=ainw78r4&f_seg=&prdp=0.0096&ogcbdp=0.0090&dfpbd=0.0096&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202306022248_generic_prebid_bsdv-_0&viewability=0.4600&dmm_r=0.0000&cut=4&dmm_l=0.0000&as_cache=1&tcyerpm=&content_language=&sc=TB&send_erpm=&dmm_m9=0.0000&sd=-1&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=pastelink.net%2Fainw78r4%2F&bidrestime=1685764028106&cc=GE&strg=mgx&ss=1600x1200&video_maxdur=-1&current_hour=3&time_stamp=2023-06-03+03%3A47%3A08&content_network=&model_key=generic_prebid_bsdv-_0&rvshhon=&mul_ratio=0.0000&bdp=0.0100&ct=tbilisi&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=47810&bdp_bucket=0.00&algo=mgx&dc=eu_be&splid=bsa-zone_1675868324828-7_123456&dim4=exploration&erpm_mult=1.000000&dn=pastelink.net&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=20072875819&bdp_wider_bucket=1&acid=d75d29b0295d4057b5eaf0d740dc3255&zone=b&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.4.2&totalTimeBucket=4&visibility=1&totalTime=4346800&dmm_m1=2023-06-03+03%3A47%3A08.116970933&e_rpm=0.0000&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=false&ogerpm_used=&sfm_key=System_203&bdmm_m12=0.0000&cid=8CU18831I&bcrid=16243_16_489137002&rawbid=0.0110&seat_id=16&sub_bidder=&pst=EMS&pbshr=90.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-596b9cd5f6-8sn4t.BE&dfp_bucket=0.0&adblk=&itype=prebid&pvid_seat=203_16&vcmplrt=-1.0&video_mindur=-1&cliIP=1542442625&advurl=gpc.ge%2F&level_base=0&crid=742696110&sat=0&br_id=265&cut_bkt=5&gpid=&iwb=1&second_bid=0.000000&sc_pvid=203&capd=0&other_bids=0.009009
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.216.77.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-21.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:09 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sat, 03 Jun 2023 03:47:09 GMT

GET
H2 200 release-20230329-99-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 9791 71 KB
25 KB 425ms
141ms Script
application/javascript 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Sat, 03 Jun 2023 03:47:09 GMT
x-guploader-uploadid: ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25080
server: UploadServer
etag: "821663833b8f83b3092ebbca9ed4a6f2"
vary: Accept-Encoding
x-goog-hash: md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type: application/javascript
x-goog-generation: 1680095338448196
cache-control: max-age=3600
x-goog-stored-content-length: 73074
expires: Sat, 03 Jun 2023 04:47:09 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
296 B 521ms
165ms Image
image/gif 23.216.77.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=1d461cd5-8456-42a9-97bd-62a6b7732a64&cid=8CU18831I&crid=514430648&adunit_count=1&dn=pastelink.net&requrl=https://pastelink.net/ainw78r4&istop=true&event=client_bid_won&value=0.01&rd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.216.77.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-21.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:09 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sat, 03 Jun 2023 03:47:09 GMT

GET
H2 200 log
hblg.media.net/ Frame 9791 35 B
191 B 437ms
137ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELAQCAAABAAAAAgAAAAAAAAEABgAAQIABAAgAINAATjc1ODE4MjA5NTAzOTc3XzE3MTA4MTc0ODBfNzQyNjk2MTEwMjAzMUBkNzVkMjliMDI5NWQ0MDU3YjVlYWYwZDc0MGRjMzI1NZYDukkMAiuHhj88aHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2Fpbnc3OHI0BEdFGnBhc3RlbGluay5uZXQSOENVMTg4MzFJCA4zMDB4NjAwCjAuMDEwCmV1X2JlDFBSRUJJRAZhZG0AAAAAAAAAR0CU2-31j2ICMQAAAAAAAPC_PHJ0Yi1jb21tb24tNTk2YjljZDVmNi04c240dC5CRQIQNjhkMDZlODQCYgI&cpr=0.9469180920610103

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 03 Jun 2023 03:47:09 GMT

GET
H2 200 clog
hblg.media.net/ Frame 9791 35 B
224 B 437ms
138ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4174&lper=1&itypeid=3&itype=PREBID&cc=GE&cid=8CU18831I&reqid=1d461cd5-8456-42a9-97bd-62a6b7732a64&vid=1d461cd5-8456-42a9-97bd-62a6b7732a64&dn=pastelink.net&rawDn=pastelink.net&pid=8PRW23HG5&ugd=4&fleet=common&requrl=https%3A%2F%2Fpastelink.net%2Fainw78r4&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_enf=false&geo_source=2&sc=TB&ct=tbilisi&pubid=pub-8CU18831I&tgtval=pub-8CU18831I&csip=rtb-common-596b9cd5f6-8sn4t.BE&dtc=eu_be&zone=b&sd=-1&ptype=23&xtmax=300&gdpr=0&gsi=0&app=0&sat=0&screeninfo=1600x1200&asn=47810&sckfl=0&usp_status=0&usp_enf=1&pexid=PREBID-8CU18831I&geoll=false&is_ortb=false&s_city=Tbilisi&commit_id=68d06e84&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-06-02+00%3A00%3A00&pbasrc=0&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&ipcc=GE&is_msnnative_src=false&rtttime=118&req_tid_present=false&pvid=203&prvAccId=16&prvApiId=8CU18831I&adj0=0.0&adj1=9.0&adj2=10.0&pst=0&crid=742696110&prspt=headerBid&prvReqId=75818209503977_1710817480_7426961102031&reqsize=300x600&size=300x600&chnl=mgx&bdp=0.010&cbdp=0.010&og_cbdp=0.009&ogbdp=0.011&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB14&advUrl=gpc.ge&dfpBd=0.010&dt=O&dbf=1&epc=742696110&s=1&snm=SUCCESS&bId=20072875819&pcrid=16_16_489137002&tpbTkn=false&pvAgId=843336142&pvAgNm=TP+-+GE_Adgeeks+-+AMR+-+DV360+-+UA&iurl=http%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fad%3Fdbm_p%3DAKAmf-AqzEg4AYzvL72EfUiBL3-B7FVanxamQOA_D3lZ0_Nk9OAXmfGhXS9K9l3qrPpUMzPc896j%26cry%3D1&exid=43&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=46&slotVisibility=1&adpos=1&iframingState=0&exp=ssProfile%3D0%7Cebc%3D1%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cbsw_cw_smpl%3D1%7Cdbr%3D1&mnrf=0&seat=16&ortbseat=16&brsrclk=0&bidrestime=1685764028106&fpuReq=0&bfs=103&acsn=1&bcrid=16243_16_489137002&strg=mgx&stagid=bsa-zone_1675868324828-7_123456&vls=0&mang=1&pvdTmax=242&fpusp=false&ae=true&epcexp=false&moau=false&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&ftr%3C%3E=1023&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CU18831I&mx_SPRIG=0&mx_bsBucket=1&mx_ssProfile=0&mx_int_dsp_id=23&mx_lr=0&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU18831I&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=4&mx_nsz=1&mx_sent_seats%3C%3E=44%23%23191%23%23250%23%23151%23%23354%23%23431%23%23257%23%2374%23%2316%23%23162%23%23165%23%23200%23%23366%23%23367%23%23148%23%23303%23%2380%23%23306&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=bsa-zone_1675868324828-7_123456&mx_tgs=300x600&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=-1&mx_ssBucket=0&mx_gpid_sent=false&mx_commit_id=b868a86c35&mx_sent_deals%3C%3E=mn_marriot_yahoo_d%23%23mn-viant-attmet-d%23%23mn-viant-ctr-d%23%23mn-alw-oww-green-adel-d%23%23mn-alw-oww-green-ama-d%23%23+mn-adelphic-bf%23%23mn-alw-oww-green-vrz-d%23%23mn_rad_eng_disp%23%23mn-bmw-oww-yah-d%23%23mn_mtk_aac_jj_disp%23%23mn-adelphic-green-d%23%23mn_citi_yahoo_d%23%23mn-Stirista-d%23%23mn-joh-oww-gmp-vrz-dis%23%23mn-Stirista-politics%23%23mn-joh-oww-gmp-adel-dis%23%23mn_kohls_RON_dis%23%23mn_usaa_yahoo_d&acid=d75d29b0295d4057b5eaf0d740dc3255&rtime=81.0&wsip=mowx-d7498d497-fjb9s&ltime=94.0&act=headerBid&abs=0%7C0%7Cnxblock%3D-1%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&impId=10fef1cf2fb2307&reftime=15000&reftype=0&keywordSellerId=false&dsid=bsa-zone_1675868324828-7_123456&mowxReqId=d75d29b0295d4057b5eaf0d740dc3255_3&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=1&dfpDiv=bsa-zone_1675868324828-7_123456&feedback_id=689f4e8c-11f5-4b53-818f-02f5d29a0c40&supplyTagId=742696110&pub_pbslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&mnrfc=1&viewability_vendor=MEDIA.NET+EXCHANGE&viewability_mnet=46&v_mkey=gen-vblt_prebid_test_2_1&v_mver=202306020826_gen-vblt_prebid_test_2&v_alg=gen-vblt_prebid_all&vcmplrt=-1.0&imp_tid_present=true&actltime=103&debug_ts=2023-06-03+03%3A47%3A08&__expireat=1685767628370&mview=1&rme=adm&utime=863&sf=0&cpr=0.1183657453077609

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; includeSubDomains
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 48
expires: Sat, 03 Jun 2023 03:47:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3BAB 13 KB
5 KB 139ms
135ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 46964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 14:44:25 GMT
expires: Sat, 01 Jun 2024 14:44:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7B44 783 B
919 B 155ms
154ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

2bc347dae3fdb67856a706683724d7f6631b3c59cda8e35665f85c9bb5ebf3ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ByNKetU1wo77CEQw341YOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ByNKetU1wo77CEQw341YOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 03:47:09 GMT
expires: Sat, 03 Jun 2023 03:47:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

cs
cs.lkqd.net/ Frame 186F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&google_cver=1

43 B
534 B

223ms
219ms

Image
image/gif

146.20.128.172
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXMl_GhgKmsj2QicK87QZ-B-4oripVNGxAN6_v3UcEpVwnsjyLStFLtNClVE0gR3dSvJy8rfVTiNuPJhUakiUSS5UeDaw
Protocol: H2
Server: 146.20.128.172 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 186F
Redirect Chain

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Wmw1Qkljb0VzRkE

170 B
243 B

149ms
149ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Wmw1Qkljb0VzRkE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXMl_GhgKmsj2QicK87QZ-B-4oripVNGxAN6_v3UcEpVwnsjyLStFLtNClVE0gR3dSvJy8rfVTiNuPJhUakiUSS5UeDaw

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 03 Jun 2023 03:47:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Wmw1Qkljb0VzRkE
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 186F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

43 B
766 B

271ms
135ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXMl_GhgKmsj2QicK87QZ-B-4oripVNGxAN6_v3UcEpVwnsjyLStFLtNClVE0gR3dSvJy8rfVTiNuPJhUakiUSS5UeDaw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 186F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHq3voFvUZ05T5XVfZOW5wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

43 B
632 B

135ms
135ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXMl_GhgKmsj2QicK87QZ-B-4oripVNGxAN6_v3UcEpVwnsjyLStFLtNClVE0gR3dSvJy8rfVTiNuPJhUakiUSS5UeDaw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 4C15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&google_cver=1

43 B
534 B

225ms
221ms

Image
image/gif

146.20.128.172
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXDOlTVxCrjRbZFZYZ6Vd9Csbo3Sxmu05126HFJ8PeS96ZM8mM3mm1SwRjV6ZFO-YbUrIo_Y40D7Ya7IZ1wWa62vnd4bQ
Protocol: H2
Server: 146.20.128.172 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4C15
Redirect Chain

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=LUFON0h1ZUtLRms

170 B
232 B

150ms
149ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=LUFON0h1ZUtLRms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXDOlTVxCrjRbZFZYZ6Vd9Csbo3Sxmu05126HFJ8PeS96ZM8mM3mm1SwRjV6ZFO-YbUrIo_Y40D7Ya7IZ1wWa62vnd4bQ

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 03 Jun 2023 03:47:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=LUFON0h1ZUtLRms
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4C15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

43 B
632 B

295ms
136ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXDOlTVxCrjRbZFZYZ6Vd9Csbo3Sxmu05126HFJ8PeS96ZM8mM3mm1SwRjV6ZFO-YbUrIo_Y40D7Ya7IZ1wWa62vnd4bQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4C15
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHq3vReiBL7WDHSRuH4RYwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

43 B
632 B

144ms
144ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEJ-qnukEGMWmpOwBMAE&v=APEucNXDOlTVxCrjRbZFZYZ6Vd9Csbo3Sxmu05126HFJ8PeS96ZM8mM3mm1SwRjV6ZFO-YbUrIo_Y40D7Ya7IZ1wWa62vnd4bQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BAB 38 KB
15 KB 178ms
177ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 03:09:21 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D7E 0
20 B 192ms
191ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4011590377704&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D7E 0
20 B 188ms
187ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4011590377704&version=m202301230201&ct=2&x=8&cor=642482739479847400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6D7E 73 KB
34 KB 177ms
176ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCOgoRaK_t4DMrj54Q-lCNFVKsdZHesb44k6KzEu0UXd8Ho7nqP8-79fZadEfZ4McZWmGEUuVj9bAakTDYU9u2GmoLJ1Fh_Z6gUnUjPq_qSrfi8evH_j2t-wOh6lZAX81WIA7lSuBOxtnRuzscS0gZsGMWQksBOmXH1QyqdiumWtcj-oo&cry=1&dbm_d=AKAmf-C4fmd6Ju7etbF35wVGgk09zh_0zXmqZr8rmH9f8Yuy99lECKDVCgGcm2G3OVNY1J09IjJxXv3l6L3z5R4V75yKS8SzrDo4x1kkrELNwOjEzaIsv6dWqj_oSwH5HMHEkOBV5NdAY1z-TViOUmUb0CY38eqX149JMtZgTI9KptfzHB32G30AWdHJ2kQDkb8kXDuMWZwBZmidlvv1ae0loZr4NZltTZobp9DEFmFHUDD_5GYJP7CDvYQV0Ak4UVW2BeofMyGoc2VnE0VsQSVhITPdEuLdmesX3gKuw3EmLRVuwxi91uhjo-eBWm1UcGsu3x9xpCD6SAYq8NLcK8ai6Sjp7TwKr0Vv4OTcAf4vFG6LD2jNN7YNlE8cuZkRb_3k6OfzgwxpYh0G-2ObpQBN2AStu4aBEzw3ImPVWv44olQX2x812F-gWiKrzccB_jq3bUo8Fm4dum-qX4jzem3ieDBmvftXq6w7GL4cMhPtS7mf_vlgzpPlrmcnTdZLpA23B82P2TnCoLs35xa31W4NMcW73PgCbOLt5xaZj0BSPncMhsj2eS5JrVUr0RB3qVPbmrqnxRqBaR0h9GlvngwB6BmDMCQuR_Rk6awQbNT5OpXo4iQmWUZEKqDnfpclH2PWJyXCVi3A2wehwZbiBtZc3ss9x0imW_kHqOnMx6XcUjGkHzr2GM67QCt8nA4PFmQOUc0HuVP_fpTCcFa3fRed3mgF_TLKfunJ8gevK6gYubeVahItPquZiL5-UqBS1gO8l9igNXMXpgE7xplpC5kOWw9QLdFwlJvMKT75oN1TD9T8QlkAn6aRwBXtaZlQ7XQCvjYs_TVyTCat_I_R2medOkwyphQJeuM-evhKHIlDpcWafrB1swBZAnzk-zbAK7V1VGRPI-2M21PLQIRZ08RH9RB5J1ruNkD-iMnKhOcL0BJHkwbSNUJLuVeU7RKW3WLfuVUQU4DH-z9sw9SO-0T_73z487_tbPgMk_1HRDO86FyACCTvqJHFXT3JyIPSStFeSYHI07O6MlZq7xflUxqhv43-tJXTk0nxfAjHiVHvEd2CFSP0dCFsu7unUJlylVZQ68ZFYWD1QMjmzQvWftTU_6VzTb3nXLz_ryQpkg1SHcmS_6QLlrj601B6xLvYlSfCS1AVsne4ur3Mvn3Gu89JgtG0n42ol4RxGczHUsgQAz4H6KxkfXLjtfIVuY-OraacEp8U1ZMNuwXEYw_dhmXsPSlu2TSC1A5XcPc1LhOn10ohv5_m6HgjYWcb4IDiEfey7zyVnHddzNkvbIh7l4mjxUYhcdZBAz6AY3f5DM-Bi4dVLUYsZOwNn6VsVytLa0euoSWTNZhSMJyPOKgM1LHeunthZ_IggroYPag9K0njbEUlNiuV6hD2-v0aW1knmdV-xWalNq_jFC8NzsCUwompchsJb9u36GIEnXBuL0SwF1EB1Zh0e5S6IvwyIsUKnRNN_jUwjKcTJo6Rq9hnPbEAdyzG24gtpvYcJcRPoz8rLNNTYleMg34zqNK93ORtHtHFlFaB9FrZFMlJEJJSdE8fMmZq90ozWTjGXZeycDrF3tf6KuE1fxMMUJHj9hXSiQYcO1WhX7fPwYeEL9m-4FmqKxZtkwat3iuS7PJfSaJIkGulGSMgBQLwxe13VN5fd77WsKAPzQAjFHRCVo66ZFYRUSZBULYygaZwNl420QXtypPt3VGZj260BuYsyWvgY9t85h6PbT_DUM3O5e_PkkTqqLxZ_dfh-ckofsEf945wsv3zWpBQJDfFpcDoBhPsWcp_2D4xSGwnNEafW4mNrgKL2q3k4TSnDWPSt8p1vZotwDbtaXlqt982NXPahI3VkES4lHseOnvEA2xZxd0wbpF0GzDrSg6MREtYGMiKO7g0Cd30pbi6x5jzwSvgNX8xEJFfJo8QLXkMPz-r9fvb2Z7Ev7IqX8GiTj2M-RtvPnkAW4mS0bRLyQePkgRKl2K-ENJGyCpQ-jfBAeEEyxrM25Tt6cAmEOLRgtP99vbcgk9iguz35aM-0IcQwmxasISZav0qVvEv599-VLS7MLuCPYdi1ioTHY8xKJXbf3sVvGyoOoXhZZWZLDwjKwwnaDQHUtgGum7csEK0yYdEprttyOB7HEfDTIUfnz5u2DbzO6pI7dYI6fYgXgY22_OkUETtf6k5_91c4bbHUx3krH6CXhKICLVIpDZ_ubQf_9piKnztiUdxISOyRl9at4JR8vlQfgsZLTKWlIF9gPAiUc_wrV1qzdaofaq4sd3A8muHGS8TTydfx3J_SMz62G-4UhHQ92mrsOhyOYhrKNA6zs4tonTol_DhKid6IYTG49ff4zF3hm8x7j8nCh8dnoCniYeT6AR_0fGIjK6kT_Dp2k-Y2YJDCpMiZ7z_gpzBmlIQMcQABdehJKmooYfi0OhcLPutSPcO2dNOzdiqbzofTWS-kbwLBwv3DzwTElcolPgaIMKLlUqCWLbJVpUNPzun8-WDJ5XbZMew8_gdZu2RAiBsX9x65O21wk5PSqjZZoHQ6lijvN45LKxRHo-YCGb9Vjmqauuue3PIrrX5to7rT_lymx-heCwR-O1w0WOh4ETL1Fgy17Koj1KjmfpgTr5qWXdHIKs0HRSHOdu3z0FTzLTKUDcAfDvW8LQ483hJ67gV26pILWzv19H_tsXpitxZVCT5pz-y9gHvRlsUX91rlEGshopZmiHY3qnIQ50gJIRrDNq4Fa8ii6KPPczrqgAHXJPhtbo33LcRUr7uE1N_EBYAQBMegdy8zaHjFrRsKjVZQReAXXvFmLnGe_p569pFYnLciWFmffa_RF4XaQ9fWxv0hnaXxz41tLq8_ihH_SVIAnYhvf5wuf9xVR5DjSIatsKTA2VQKpL3m_m6YC7jSfpwfcJpYmToQ16gkmR_iVNCarlBoRcPMU8I37yVDrPjcI_fTUYvCPsRob14jsurGw82paZAY4R_OABnYe4-fZwZ8wT8GEK4HEe09nxy3-gO5EsHdCUADP64C6yE0TgtNHxJA0tvWbC2EHO4hBC9kyGPNw4TDwwe0Vzw8oncfxWromNP_afS20q_GyDcaDtFDRzlfaRmmdMgdDCilKjo2z1gZydWfoBaW53B7uK60Cr2zREEryarG5VFH4OcStDlIuYN6rIW6xyxj68kmRHnmY7HRRUszLqR9xlnRKem9iLavTXmoYCSd2daoArdW-ZCEs8XHqyBszA-RY7QOSUY9aasC-x94PBbzAEtd2I0Ox2PHhueTdUO2uGbAqQy_8X-611g78cwfVC08eNZgVI7GNfSK_ja8KH7sMWLxOo&pr=8%3AE805E09688EF2BB0&cid=CAQSGwBygQiDTw1BhsCkZOUhdC6hyb0qhD_btPuR2xgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2Fainw78r4&ds=l&xdt=0&iif=1&cor=642482739479847400&adk=1814326990&idt=512&cac=0&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8611390f1f6e2af766d906ed361f1a50f06cf4eaeb968435f5791d46576c3f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34715
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9791 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b9bb0348aa0f3bad9097a27f7f09161a999cff9fdda200184a16650fea7ac46

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BA9 0
20 B 170ms
170ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6375679841815&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BA9 0
20 B 170ms
170ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6375679841815&version=m202301230201&ct=2&x=8&cor=1974257255291366700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3BA9 73 KB
34 KB 241ms
240ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyDm_ow6MxbFJed_csC8f9swp2AL3uP5U-irkp3DhGlP4vBngJAwP6ex1R7VCf7aaJOIaY__rIcbKB7Fc90o92hbkiPbvZ2FISAYopjXDTfT1PO4Y-sWF-K6PL2mCv6bt8Qppp8Trnd67Rum2qdhn_wzhY2LLlmRxMVXDmOV5iRVNMMNw&cry=1&dbm_d=AKAmf-DKIT2lV01Xo5CGGq3xXKeJUmV1cs2_ybXvUCfxZHrVtzXSVEkuLyRqSMl0OoRwxwcMV_vborOZVHGTBbLFU4mWuRxlHElOHLm9zQUqrnaQVLqzYQ8_IYEYfgFuPVWgkZ-1yXLQkYupNsHXSs2KuSTGpbxVAWbfATBqoqqMo9oK_UeDJuuM3XVu8UQd7Zf5xpcNOqPK96lSscCYPVCyrrMUqnDgmHFykDfLv9UZWvaYBZMlYESOYkWBMlHEEGG241fsIqv2qRiRDtv1K5KLZEbpiaLA0NkBfXbHyWxp_7Q77IWrHBZdVo3CS2nqqaLNtv7a1Ftx2C0cKbfRfuWSu6R8r7TVKsHOcAG7xMdbRRTkJeXJfnv58kxm4ONQxT1KzIro01PNBnywFW2qjr3QsNEFp_idJxRAeIxbWYNmFSU8ooVsT-oZkowdyz1siU13eqdg63Xmyu44lLZzd7m0nc8yCHWHd5NscCq26E_mc5UAGcyf92n3U5vV-x6vQCQGGXngeIN4yOQno2kCGeyCtW03yRlGJjL_bcqaYd_GZyVf_u-P7DlEMORxLJArDqrqz7xsLqOG0WOLcUHC6U3kHRHTrT6urZOJFvhBizIlCCLFMt0w7OA3hZGNiW9mnZK7Lk6_SIC6FO18TDgsnIYYbHp28fkd6-0uwg8hMpONLGsszHrc6ikLQRaEbtzyhruhiRZWCCO7fXXoMnr9_Z3mbhYO01JWX8b0PvwzsxvVyDd0U15lnN4JS93FJ7HrlsF2flj9jAd_1T6zRlHIB-a_DhK16J8MfqJgg2CSIlTz2LoaxxohAj2hddMy8QTMvSFJYL3DbCqHrpE1kzKUSNJL1jhF0aWBelG4vckC3oxsuO0HGXXYlSWjpnMJJuqK5uv9lPfS-3cPn7G-gGKBDx8YQVCEvvwQLyPf9PT17BSDTY9A0gijqxfUcHI-0tlGMnnP9w2uF9Ayy_Z8P6YdPeMAR1jC02ewo81L-ndiorI0dgfwOwQ0QGl1BN-w2Bw0vz21uOZuwxhsn0LOXaCa38BnacNVBBQ7K266lwfrinDXL9pvL4wmiM7-7cUY6B7ncV6upYcPCjFxZXCZTYXhviB1dEYIIRuRBF-8BgC1N3nvXa4hXe4kb3ON5t5Z75ZjGE8XS8LDugZgmp0Yig2ilbY4ZS9KQGoiM8aavf2NX6NRejOFikmHo6m7D9uR28x0CP_aHLlIskW3B5A3IerpJ77pGVXOXoJIVXjktLzwPiW19_IA38ByBkkUUZsylzuRlS8GsiMQ1zEVWqhqY6cWdin-rjZPl80LJzGY-5Swwv2PmlO8XBjZiuCQxK1GAWnpswhTMwrBfk7XQdtU5TG4wp-ufgLbNd9hePmR7gpG5q3iWVwHnjc_wI1CNTEPzLWCrzG-vXTBe2egOrLzERJUADLpdaEbe35rnwMU7i7OhnhlWT4HQF6xo7ldONlcJ9cTeMoZ36YWMCgkmTptbd2JhQ9LoNd7LXxZ0Z72uKnRqL079giriB5F3f9taEGz10dVrexnVFB0-PwpoOTagRSaPC-Dnbeex2COEr_yebgsiYLw3KNyQ9xX-rifIq1q1Zxsnz0IvIx5KINYRYDQW34wpNXMfhfGsNCinIUzXfDol832q0SfYh9JqL5rtJj72CylDDQk3buAWJDNMGn09kVjd7r3WAbUs6YGa4MSBllXgPm6kUfhy88LBHyhrbA6lB0nK3OSXxaU50HCk9B_K3GQkEpKctNx1Nt7_qiFXIEShT3cL4s-fmIrf27OcPyXIqs99A7j8K5PFSnNWBcFLlDOZIcsF26-7w9qlm4DkIzOZfNB1fO7XjbrPTW32S1MHuRBlKEVLO6981fqspdgxBs57WNT-4dKrQ_qoBs7ITomSwsI-clWvLjN5-Ns3vivBizDB3ULDcQG-C8hFDxFLDiKEjsYnnSskSgu5zQTSJfbQ95YFR0_AaprYtprXWpDF_HCVNWPVh_e7pcVgXhfle_s7IAly4cze8cdvHo5l0lbRDlxP8fPNkc15-IV15aS1AnEtvih1uSAH2wv9NXj8EFh-o3hXw4gatoPsHg9c2N_zG5KBm6bnQtMcW9fwITxQ3XvSOwi3jEPyLSzdy_mSdJJgF5yIS5_AddCLPTLYqoac3caJbwuKZtcvRSjRzRhI2W0KJaB4_XPK2XFyl21Nb8d4x8NXt55_VbO26HeHosFC9jMdd8qTqO_VdgDu-qdo-Ql2Wa8YwJpGt7fj7YqHlGmLSwdchE6iP4juyjkFS4PiVkbpFAjGB3cg_LT-tK1pXfNPBSGkxFFus5t5XKGmxfmoQEjR1pFVsdZrAxAg_YveDJE3P6wHQizcMtFWGekfZtGGTpFgDyTSZVgoXt3Zj--ReU0kIqYoA5-OZtpX4Ua8QIJ09HGph66t1IZbn-N4A2izS_OMpvypYt8xFH_Fq6rXUfHHya6eLkqjm_v7hoKLBB9YpJbHnpxDDB-Hri9edIcaZSQoDPLCnqipYmfLIZ6cYUMcQunGOuFLv3UCRj3dm_Gk0qtvytesZhXt8PIzrgMdXmg8XaB_tu9781JZWtELvDxlF8shZnC8g0u4N6Nda0foxpW5mWz1UWvPaZy6Ta-bo0pfCIgbbRFmfeH2DbVHtdKc0aLd3lPgfbLAuoBjalk_kWcj2wWGR_Wqji7Z9gzc-2sDlQgnu9lAgM2h1yQ2lD-Iuwrx36eS6NAu6gH2kXDaMUyvnx1U6qkKe4iAqb-H6uC-6072nJspZhy7SafSWsWDbd-G6dW6c227Mi2JrnrEN6RCjGmS2v59_eCfGtGuAz-AcS4Pe34kDAWzQ92mvJlekTqj0NK41Ne7V18m6qC1WOb5aEl9CUiPJrrkjxQJYv7MUunI9eWU9hIThpPQ0_9l3AoJ3ZX7ObMUz3l9LaEMPkS_ausPzNv9UXtAZ46tCva69NdZhHKVIpqw0CSa9I9ejNSNkThE21lItgq1ROznATGWNtheZRil7R0SsqZmL-qWwFPyvrFmu83FDX2vzd4JSWvlkW16TcnunCSLbHzjUey_Uz-amSKPP40l3IQmlzQhsznqZYHFr1byYL2gcQnH61xu0-R-5eOGWR08K1vQYlQzlTLGgZlSATk7ev8NvV6pe0NcnkdK2IWtQsUGdnh4I28Un3bvGvN1Q_mwoSSX_bn2QFKY1b9hx0KGWBzGLpsxHqxuLEbGx3ATqSxZqtohuUSRfpQcz5PcMqBdMqkCPrPfMoIsHYwaUEccqhlNPYWB3txCB8fxFPw-lERBQmYNp9RMhyG9yeRAWJnU-57tUY-eRv4_6c&pr=8%3AE805E09688EF2BB0&cid=CAQSGwBygQiDk1DuDGzATUWK7sn6YfdhatneK3GNFxgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2Fainw78r4&ds=l&xdt=0&iif=1&cor=1974257255291366700&adk=2403728479&idt=585&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

4688d4845f5c192052cce7d47bec364735c7b408b841d72096e02bc46c879100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34734
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4D12 684 B
308 B 224ms
223ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGOrGnukBMAE&v=APEucNVxjerDcDixP9IoGOmWLicFejgnuEIlHvF7s3Axf-244q0OML-bQOytPV28DJKn5w6SuouigWYcalGK6AgyzGqi2mxSb9IHj6YNcPfudcA65J7_mSI

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 03:47:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7B44 0
0 211ms
210ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305310101&jk=2139559599567410&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0AE 0
20 B 187ms
186ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2288121708613&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0AE 0
20 B 188ms
187ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2288121708613&version=m202301230201&ct=119&x=38&cor=14691629281178227000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
126 B 1187ms
601ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 115
server: envoy
content-length: 0

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 855ms
283ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:09 GMT
x-envoy-upstream-service-time: 3
server: envoy
content-length: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B434 83 KB
35 KB 196ms
193ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhKwnlUgssBZ_632FasjbmcWUqmT-x13Kl2InxdaEFCflnwsUuEH7TdOjYsGhpsK8JF-5fA-c6BqqmlginPvs1h05V_FYjfZUdA7_HffhK90pjaz5opVkbUp4kJmOZJ2-pBapx1ft-oKlZjnOLqksSmOQhinVsbkhk8GHdyzSlIy-2P04&cry=1&dbm_d=AKAmf-APv8OSEHG_Ed7pGFU3TqXXbqXpsKAjgn2iVg3u8CoNvQm2Hb1JLgJjafUySGoxEVIFFkf3fB7sAqgzIEI5t99hm26AKWqKnzCnGIwVP_vZM9FSyB2qmHZ0GaHlxpuwLKlps94fAiZb3g9_B0o4XmEs4ll1gxtdhxZCvMtTc7qrFc0Jz_51DVFVNGuWhoEDvl7FcfqDLSNo4KUQuBkLEb-wMzlv6R3jcGXFVjhiLiRamj3_otw7Yc9KNGs6eC_hCbRdJ9Ata0TEOC3yDsN8dLOsDIpElG3BiGHWLL72qx5towU29pAarweY48No-bBxEAVdWIZSrZ7flqivsfLCszhq_BSw3Fa_o05YlRdNn7azV3yzsg-lLBZEcqjyli2liI1a3h0iUm3PKtxiLf0yiAYIs4_1QQDTVwOR_cVNwL7GW0eMOrwZwmf6hJupZjub0ZVKK8dgbJKXVXFYXtIb-po35aTmE2dJx1oW2wyoOgv2kDGZwV-j2a0xaA33CH6_Grc1ujFPa8H4vwV-hKlaZos96HtOZzSA4d3j5MrbxsnrHuhFATUuyTc9bTHM5XQZISTWBzswlhC8LlfjYARDxHh6OwTFU6jzv46QMGfzUU-UXGMW6MtmwpioNeTQgmH0IVOSpmHFkPEHDxbzPlRfebFepdtk_QrA4AETpTkSDPUkpjPrBFMKJKzy1I3C96ennwVhwoDO_8Rc65iywSnLD59Egf8b_x-w4AsSv9dp2ASpTjyqkGSezLJs4pNSuiPr23D77PGBjUHofwwqEfJFtNpOcn70VCAJgxlc1jyzbf5kobmNd1h-uQRDIH6dl3i9BI0CpLta2J0fsxLAkiG6YKPtViwwC4C2bm6ewLW4vKbVJIkjC-bqYaphHm_Pioa27eSEV1fc5LpqUSp_kV2QlSaPEr7L8Zi5Gqahl9ZCVr9URWWMaWThgH953a51nAjCMUjC7sflTziQ0_316BWxUBvn6TA7v4Dddao6U_QS1SuPic7qc7BHBtReUwoc4PZxg87F3Wemq6FIx-QATElokwIpbT9qSmRetQVD0wsYJ_zukv6wIkOZB0qd4QXz6yq6KH4N8JAYh8Fc-tLcbrG-TYOxDdUKcd7wHudG74_7yT7ewRrU-UbIDioJ0EZ9DToCt9haNfVnSU2uv59ipLya7LWWsOCGDGnk4j2Lj6VQ2-7NZASPsJ5oTBazWEApo8NcQ0SCX2c816iX48SI5lSXO1YAT81KlYgYPrK8tO0xUACGTNHmtU0K04IjYthk1rqclW7U37K7GnbyZYK7ZHSxLn0QYvgXbNIjbSrvQVgDvxaNV6a2yr239_3BKycym9lB8OhDlXCeHPjELL6HWr0V4ZIVotOgiQ_x7UUsO_owh5zATRXhNc5s1gBwNC88JoJkez2xqXQx1E48-HwlLtL54BcIvNTegw6lI51mTxR3zm0WuuYTB9cQBmNHXxbJwtLINGRvcCuzyXO2SnnVpMA6U5qtcpFIpE2jKN4xYBstaDJi2_F0XbksFPmHDAexHy6U44r-cA6LuWmVRfZxGMrKIXf71R75TUF6s6qhrtMwLwkfw7CvbTV42LWkHZjy8CJuuEPEdX0477UavTZ25MH8n9jlinA2Qo7fnzbkcmFBwk6nK665rMRVfeR6WyjRVL-HGaxpjsD6qS8QXorJuoNjh6Y4mdxBEKJ3FJg-PFJJIU1Hk7TlyU6fWLTdn55SZGDERhsRFVxPWN2eWew9_rGf1ja5hWGt8r3kdDjqB7VJIivvdbK_QY5Y58yF9Hv9e65yiSYPIZWU0S3h1FajiQnnT_D7mlJrbVP22b0yugP6M6nnJfAC9-GyZRbVrjd9aRynQDgXqbpzIa4_mIKzsyd3ZVYaMWGdXJ8zrO_O3jAGpGb1qtF3lz2dx9XptKsJbTzj33KcMI_LbUTlSdkhiOQbMHOPgU6p35QOO4QEf5iQeP1Jng7wHyUdv2c01-1vTPVV-mzUERk36jl_8JvkbizcyE4UN7JbrlU2mOap2r0NTEOedwRUKA11xZ2xrwROR6Rimc9AN2pknuZdqYGs8FUixQzdPzAgtQ8ABepGF8UQ3zflGGtfnv6DL7opNH2ykiBZzqAsVzbyn8jH9ulcZy_Go57XaGlW4Ph98ib5bs_in5N8A6Zj1J4__S_xNKT90MqQkKG2HFw4Ivgg2vsaSnarsQM1vwxBX-JNudhF0X8stGwo84bL7mavKdgqOL8smHYW6TlWQqbd84PQ79FdGO3ongm4Ov1kHDX-UEUzg2vZCqgVoEE-90uHRI5e1TtC5MvHJBn1Q-SYOT1stcm30DSl_xhmay0T-kpLY38yWqLUC79vdK5EaHWHpEVwpjRKlN4JwT_gbgIwHfjFzLC-yDTyOVcPy3aRHsmqdMpXIdNcIdyJNerIubdVshrnt_sC0eXAIrCUvavjkdCGKsK9S0KDnXbWuFOwKp6gzD2Wj0fvpGRdn4qDO3-j-Nb9j8yUwKSq3Dszmeo_XHmK4Z1Rg1IIbVUaL-_IF3ipVDnBF59BlsZnm5BOXMar_78A2aziMrb5d1aTLfZ5-WIhOJAfpZzg8s87de-9hSlXPicm05V1PemJp1HNf5V_3vRc74uK8KEwubO9F3ak2ZmM7XqLi2EpsdPPXe7OVsWFeOdw9LLRRPIo45eoWcuI9PZUW7hex4TOJ9YrUxj6d2mvAJPlJutGGZrqP4LcMznrPFmx1eMOrNqAr6CfjcliiNC5UWzygFIRMT_q95bun_Lp6XG1wyGHb_MACsWvHbpaCdw9pjOlKxHqB8YHNY_z_UshyERtPeCnPWroDJwGedM-3sYEAH604mVICKdjco73rRIwNH5qmxIIKf5wvuwolrW5GbyTXSlKUbJgnm3FjDKjaRjbMJa_NgM5mQdmxM7tAPYuGMYaQuVY7L2zPbeNTJ1zYlKvrLS28DOqk3tVqJogCkrg_WV5v9y3gbRRtk-nBNNvAZ5LgnMdhn3YZdTRtyIrMHlb1OK_gRgqPKQTFH95iAZoB9kuVlhTKRq8Dn91Dr1hWa-VBE0or4vN4zLHaNSzEmkjix14-BUK4Kw-T7RuFSC1i_JEx2SkTO-Zh9R4rZP0R-QHoBlS4RHXXhvd-n4rxod0s3YEXrZU9mURbVRHAEwRkfVQIgIdHzIv0xk20KWUnPmlfsImOdI6BBh1W2WjA22mK52hswSLEoiCBiXWe0pGDa9Uue9UoY1Ktj0LJSdnNSyemOQhEWAVsIKV1tgAFKQrNKHzIZZ6Vt3zGNnay7myjIBTlxJVVundMKh_ik4_E1ET4zEd7MiSrJYmYGWHd2iNPRGzc9QQ23osInbC6ZizXS38IjzLuUqkK22xNVLWklwrF9gX8bgalYMtjgO-U-VC9awxJMXhC-QAlZEoUykj87HWGApuYZzfRQircAUwitPq3l7IW9ziDbO0RCDjSebJ_c5fUZSOCrSOXxcRwTbOrRhCoNYt6HKK_8xpG1ZXPLydUMgKpCF8sFY-7u7CfvxA3xZ-E4KdHeMUo3I2AMWVBuBbkweraUvKnlbV2RPaYkE4DC0m5C4M6eLrmOM8PdYzT-ztLM5S0n19skIkXngNdLohCrr4VFnQyw&cid=CAQSGwBygQiDEMJRO47-UFINQa-ln2zdFIw-RHoZoxgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2Fainw78r4&ds=l&xdt=0&iif=1&cor=14691629281178227000&adk=1953862145&idt=662&cac=0&dtd=14&fbi=1

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

0979842b768e8f240395935c0e9759ae77ba6aa9848e72b13934e53e59dbf7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35640
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D0AE 83 KB
35 KB 337ms
336ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

30f596abdb835aaf9cb8c1a7edfb0ce81faaa6f2a159a9963335953d9a9799c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35383
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3BAB 0
10 B 145ms
143ms Image
text/plain 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t3-Prg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 6D7E 29 KB
11 KB 168ms
167ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCOgoRaK_t4DMrj54Q-lCNFVKsdZHesb44k6KzEu0UXd8Ho7nqP8-79fZadEfZ4McZWmGEUuVj9bAakTDYU9u2GmoLJ1Fh_Z6gUnUjPq_qSrfi8evH_j2t-wOh6lZAX81WIA7lSuBOxtnRuzscS0gZsGMWQksBOmXH1QyqdiumWtcj-oo&cry=1&dbm_d=AKAmf-C4fmd6Ju7etbF35wVGgk09zh_0zXmqZr8rmH9f8Yuy99lECKDVCgGcm2G3OVNY1J09IjJxXv3l6L3z5R4V75yKS8SzrDo4x1kkrELNwOjEzaIsv6dWqj_oSwH5HMHEkOBV5NdAY1z-TViOUmUb0CY38eqX149JMtZgTI9KptfzHB32G30AWdHJ2kQDkb8kXDuMWZwBZmidlvv1ae0loZr4NZltTZobp9DEFmFHUDD_5GYJP7CDvYQV0Ak4UVW2BeofMyGoc2VnE0VsQSVhITPdEuLdmesX3gKuw3EmLRVuwxi91uhjo-eBWm1UcGsu3x9xpCD6SAYq8NLcK8ai6Sjp7TwKr0Vv4OTcAf4vFG6LD2jNN7YNlE8cuZkRb_3k6OfzgwxpYh0G-2ObpQBN2AStu4aBEzw3ImPVWv44olQX2x812F-gWiKrzccB_jq3bUo8Fm4dum-qX4jzem3ieDBmvftXq6w7GL4cMhPtS7mf_vlgzpPlrmcnTdZLpA23B82P2TnCoLs35xa31W4NMcW73PgCbOLt5xaZj0BSPncMhsj2eS5JrVUr0RB3qVPbmrqnxRqBaR0h9GlvngwB6BmDMCQuR_Rk6awQbNT5OpXo4iQmWUZEKqDnfpclH2PWJyXCVi3A2wehwZbiBtZc3ss9x0imW_kHqOnMx6XcUjGkHzr2GM67QCt8nA4PFmQOUc0HuVP_fpTCcFa3fRed3mgF_TLKfunJ8gevK6gYubeVahItPquZiL5-UqBS1gO8l9igNXMXpgE7xplpC5kOWw9QLdFwlJvMKT75oN1TD9T8QlkAn6aRwBXtaZlQ7XQCvjYs_TVyTCat_I_R2medOkwyphQJeuM-evhKHIlDpcWafrB1swBZAnzk-zbAK7V1VGRPI-2M21PLQIRZ08RH9RB5J1ruNkD-iMnKhOcL0BJHkwbSNUJLuVeU7RKW3WLfuVUQU4DH-z9sw9SO-0T_73z487_tbPgMk_1HRDO86FyACCTvqJHFXT3JyIPSStFeSYHI07O6MlZq7xflUxqhv43-tJXTk0nxfAjHiVHvEd2CFSP0dCFsu7unUJlylVZQ68ZFYWD1QMjmzQvWftTU_6VzTb3nXLz_ryQpkg1SHcmS_6QLlrj601B6xLvYlSfCS1AVsne4ur3Mvn3Gu89JgtG0n42ol4RxGczHUsgQAz4H6KxkfXLjtfIVuY-OraacEp8U1ZMNuwXEYw_dhmXsPSlu2TSC1A5XcPc1LhOn10ohv5_m6HgjYWcb4IDiEfey7zyVnHddzNkvbIh7l4mjxUYhcdZBAz6AY3f5DM-Bi4dVLUYsZOwNn6VsVytLa0euoSWTNZhSMJyPOKgM1LHeunthZ_IggroYPag9K0njbEUlNiuV6hD2-v0aW1knmdV-xWalNq_jFC8NzsCUwompchsJb9u36GIEnXBuL0SwF1EB1Zh0e5S6IvwyIsUKnRNN_jUwjKcTJo6Rq9hnPbEAdyzG24gtpvYcJcRPoz8rLNNTYleMg34zqNK93ORtHtHFlFaB9FrZFMlJEJJSdE8fMmZq90ozWTjGXZeycDrF3tf6KuE1fxMMUJHj9hXSiQYcO1WhX7fPwYeEL9m-4FmqKxZtkwat3iuS7PJfSaJIkGulGSMgBQLwxe13VN5fd77WsKAPzQAjFHRCVo66ZFYRUSZBULYygaZwNl420QXtypPt3VGZj260BuYsyWvgY9t85h6PbT_DUM3O5e_PkkTqqLxZ_dfh-ckofsEf945wsv3zWpBQJDfFpcDoBhPsWcp_2D4xSGwnNEafW4mNrgKL2q3k4TSnDWPSt8p1vZotwDbtaXlqt982NXPahI3VkES4lHseOnvEA2xZxd0wbpF0GzDrSg6MREtYGMiKO7g0Cd30pbi6x5jzwSvgNX8xEJFfJo8QLXkMPz-r9fvb2Z7Ev7IqX8GiTj2M-RtvPnkAW4mS0bRLyQePkgRKl2K-ENJGyCpQ-jfBAeEEyxrM25Tt6cAmEOLRgtP99vbcgk9iguz35aM-0IcQwmxasISZav0qVvEv599-VLS7MLuCPYdi1ioTHY8xKJXbf3sVvGyoOoXhZZWZLDwjKwwnaDQHUtgGum7csEK0yYdEprttyOB7HEfDTIUfnz5u2DbzO6pI7dYI6fYgXgY22_OkUETtf6k5_91c4bbHUx3krH6CXhKICLVIpDZ_ubQf_9piKnztiUdxISOyRl9at4JR8vlQfgsZLTKWlIF9gPAiUc_wrV1qzdaofaq4sd3A8muHGS8TTydfx3J_SMz62G-4UhHQ92mrsOhyOYhrKNA6zs4tonTol_DhKid6IYTG49ff4zF3hm8x7j8nCh8dnoCniYeT6AR_0fGIjK6kT_Dp2k-Y2YJDCpMiZ7z_gpzBmlIQMcQABdehJKmooYfi0OhcLPutSPcO2dNOzdiqbzofTWS-kbwLBwv3DzwTElcolPgaIMKLlUqCWLbJVpUNPzun8-WDJ5XbZMew8_gdZu2RAiBsX9x65O21wk5PSqjZZoHQ6lijvN45LKxRHo-YCGb9Vjmqauuue3PIrrX5to7rT_lymx-heCwR-O1w0WOh4ETL1Fgy17Koj1KjmfpgTr5qWXdHIKs0HRSHOdu3z0FTzLTKUDcAfDvW8LQ483hJ67gV26pILWzv19H_tsXpitxZVCT5pz-y9gHvRlsUX91rlEGshopZmiHY3qnIQ50gJIRrDNq4Fa8ii6KPPczrqgAHXJPhtbo33LcRUr7uE1N_EBYAQBMegdy8zaHjFrRsKjVZQReAXXvFmLnGe_p569pFYnLciWFmffa_RF4XaQ9fWxv0hnaXxz41tLq8_ihH_SVIAnYhvf5wuf9xVR5DjSIatsKTA2VQKpL3m_m6YC7jSfpwfcJpYmToQ16gkmR_iVNCarlBoRcPMU8I37yVDrPjcI_fTUYvCPsRob14jsurGw82paZAY4R_OABnYe4-fZwZ8wT8GEK4HEe09nxy3-gO5EsHdCUADP64C6yE0TgtNHxJA0tvWbC2EHO4hBC9kyGPNw4TDwwe0Vzw8oncfxWromNP_afS20q_GyDcaDtFDRzlfaRmmdMgdDCilKjo2z1gZydWfoBaW53B7uK60Cr2zREEryarG5VFH4OcStDlIuYN6rIW6xyxj68kmRHnmY7HRRUszLqR9xlnRKem9iLavTXmoYCSd2daoArdW-ZCEs8XHqyBszA-RY7QOSUY9aasC-x94PBbzAEtd2I0Ox2PHhueTdUO2uGbAqQy_8X-611g78cwfVC08eNZgVI7GNfSK_ja8KH7sMWLxOo&pr=8%3AE805E09688EF2BB0&cid=CAQSGwBygQiDTw1BhsCkZOUhdC6hyb0qhD_btPuR2xgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2Fainw78r4&ds=l&xdt=0&iif=1&cor=642482739479847400&adk=1814326990&idt=512&cac=0&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 21:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 21:03:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 6D7E 11 KB
4 KB 168ms
168ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 14:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 14:15:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D7E 0
0 475ms
184ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzdHdjVyEXztmQLn6A4rQMwJY-dPIhaj3dlxTlnXKQtuCu0usJo9dinoWBnXCvxYf290eP0TGqgaWXide1VbFkv8m7XA8YV_tal7WW8LFKkFfKbghl8tyn9E5rt5yCVOn_idvEaSXdYOoFzXbQgBVl2xJo5YpgFDLbBxEgXeRAdMPiFU1YGKwe9W3NqTW7nUJSVT3nwZUUdjG6_bNRtZ_AqTTAyT32j-7u6yGFjcDLyGZRVK5B5W98mOBlhsLc9FzYaaiGWoBrvcrDS7cWHICVv54V9nlj2qI9qhPAs1MNlFzycPqLvpHIMljmpf0x2aUFw5TjN_WiC5qV0uvuLpzi7TtMwoOZkZNz8z1TzsUjAM0WShQfMS96_4plSQrzyL_UXEamn2WdsZNxjpVHjYdM37BbDbBmJS7p2T0fEUHJpjUseCEMyCbZqtDbM-GSZxIvDjXDwjjwrfm2IjUl4vhND-R8KMnqUeRLj34isW6swuztK_1XBx1KryfKeAedFM8O6LFcjdX2oRuwBJGHkpxF1GhnpQRzUmIrSNpJhrOcOQkxCGuJ4SjZ92PhEYOJJhjXWHPd_PZYzCjguxp2ZlN1UwwLNmxCu4M0X0vD7_uuX2Fyngmi58M_j8nJyM2p8lR3Tk0qXHPsrOf8jPxlw7fGZms6uIXMGXoEPB46oZsxLQld9Lno7gpyG9H42u-FsPWV8B8NBioe8Z25naAM7O1n5JJufV8NUM2nKeI0SOeQBaYpN7RaatDOZ70e962fHsvJL05izHml6-Q_uex8REMjx_K4cDDcxaubQ2lUBSakVTnT43cwNn-8ALtZFG2B28Ap3EjRLd9VjYccKKFtQMkG5gmNVGUxjz1g7l6xckjpWfVChD-4lYWctZ9dt-TzTZEuQy-FhNSA29yhhpekZFeVjEaaZ5S2-If85oHWbkUYlElzeUr087lyCQFG1o4LrKf4_LRLP67I7-fBZ0CbcSMkdDHEM_tfhktc170kgIpWOHh8-fdTXg_yDh15wjkWwurs1JQ7L9XIdCBM_JJ-xnbcIm2tNG5zCx4NTQqe5t_NGjFk9z16SnZG_awrXfy4y7W0DuTheEI&sai=AMfl-YQpYWgWotgh9LFczCsP1lEAQ5dDA2uneppeH2jQI4xLZ32ENM5mEIvR0hGroOSLZ5XPLuqzOmKMI-E-tBYYWOBS7az7oDBaaYHKD59LY1yeMiX-yuRz8ugH8GTWv8PXTLMpgA_wr5GaLRQJf1hhT8s5efiej5aCOe8sGMoWF4GRYbV89HM&sig=Cg0ArKJSzKRb1NFEwlp6EAE&uach_m=[UACH]&pr=8:E805E09688EF2BB0&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230531.34183&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D7E 41 KB
15 KB 172ms
172ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H2 200 3818194417041688045
s0.2mdn.net/simgad/ Frame 6D7E 90 KB
91 KB 437ms
134ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3818194417041688045

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d35a5ce9acfbc3cc426c0cb20d50aa8a5e45c64aea1aa01d9384468c0d8a46db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 May 2023 21:00:54 GMT
x-content-type-options: nosniff
age: 283576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92439
x-xss-protection: 0
last-modified: Tue, 30 May 2023 09:17:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 May 2024 21:00:54 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8C23 281 B
554 B 443ms
137ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 03:47:10 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 6D7E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f7380799ae6f0b52cdcd5f72dc70bf1ccd5d631e99aa156360ccd3fdcbbe49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cs
cs.lkqd.net/ Frame 4D12
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&gdpr=0&google_cver=1

43 B
534 B

222ms
219ms

Image
image/gif

146.20.128.172
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&gdpr=0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGOrGnukBMAE&v=APEucNVxjerDcDixP9IoGOmWLicFejgnuEIlHvF7s3Axf-244q0OML-bQOytPV28DJKn5w6SuouigWYcalGK6AgyzGqi2mxSb9IHj6YNcPfudcA65J7_mSI
Protocol: H2
Server: 146.20.128.172 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESELUgkN9w6lvBA8t-0CoQ6t0&gdpr=0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4D12
Redirect Chain

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=VDVERkJPY2NJMGM

170 B
232 B

148ms
147ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=VDVERkJPY2NJMGM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGOrGnukBMAE&v=APEucNVxjerDcDixP9IoGOmWLicFejgnuEIlHvF7s3Axf-244q0OML-bQOytPV28DJKn5w6SuouigWYcalGK6AgyzGqi2mxSb9IHj6YNcPfudcA65J7_mSI

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 03 Jun 2023 03:47:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=VDVERkJPY2NJMGM
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4D12
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1&gdpr=0

43 B
632 B

268ms
135ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGOrGnukBMAE&v=APEucNVxjerDcDixP9IoGOmWLicFejgnuEIlHvF7s3Axf-244q0OML-bQOytPV28DJKn5w6SuouigWYcalGK6AgyzGqi2mxSb9IHj6YNcPfudcA65J7_mSI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4D12
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHq3vReiBL7WDHSRuH4RYwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1

43 B
632 B

143ms
136ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGOrGnukBMAE&v=APEucNVxjerDcDixP9IoGOmWLicFejgnuEIlHvF7s3Axf-244q0OML-bQOytPV28DJKn5w6SuouigWYcalGK6AgyzGqi2mxSb9IHj6YNcPfudcA65J7_mSI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjxyfkViFAQy7TALmbK714&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3818194417041688045
s0.2mdn.net/simgad/ Frame 3BA9 90 KB
90 KB 472ms
237ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3818194417041688045

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyDm_ow6MxbFJed_csC8f9swp2AL3uP5U-irkp3DhGlP4vBngJAwP6ex1R7VCf7aaJOIaY__rIcbKB7Fc90o92hbkiPbvZ2FISAYopjXDTfT1PO4Y-sWF-K6PL2mCv6bt8Qppp8Trnd67Rum2qdhn_wzhY2LLlmRxMVXDmOV5iRVNMMNw&cry=1&dbm_d=AKAmf-DKIT2lV01Xo5CGGq3xXKeJUmV1cs2_ybXvUCfxZHrVtzXSVEkuLyRqSMl0OoRwxwcMV_vborOZVHGTBbLFU4mWuRxlHElOHLm9zQUqrnaQVLqzYQ8_IYEYfgFuPVWgkZ-1yXLQkYupNsHXSs2KuSTGpbxVAWbfATBqoqqMo9oK_UeDJuuM3XVu8UQd7Zf5xpcNOqPK96lSscCYPVCyrrMUqnDgmHFykDfLv9UZWvaYBZMlYESOYkWBMlHEEGG241fsIqv2qRiRDtv1K5KLZEbpiaLA0NkBfXbHyWxp_7Q77IWrHBZdVo3CS2nqqaLNtv7a1Ftx2C0cKbfRfuWSu6R8r7TVKsHOcAG7xMdbRRTkJeXJfnv58kxm4ONQxT1KzIro01PNBnywFW2qjr3QsNEFp_idJxRAeIxbWYNmFSU8ooVsT-oZkowdyz1siU13eqdg63Xmyu44lLZzd7m0nc8yCHWHd5NscCq26E_mc5UAGcyf92n3U5vV-x6vQCQGGXngeIN4yOQno2kCGeyCtW03yRlGJjL_bcqaYd_GZyVf_u-P7DlEMORxLJArDqrqz7xsLqOG0WOLcUHC6U3kHRHTrT6urZOJFvhBizIlCCLFMt0w7OA3hZGNiW9mnZK7Lk6_SIC6FO18TDgsnIYYbHp28fkd6-0uwg8hMpONLGsszHrc6ikLQRaEbtzyhruhiRZWCCO7fXXoMnr9_Z3mbhYO01JWX8b0PvwzsxvVyDd0U15lnN4JS93FJ7HrlsF2flj9jAd_1T6zRlHIB-a_DhK16J8MfqJgg2CSIlTz2LoaxxohAj2hddMy8QTMvSFJYL3DbCqHrpE1kzKUSNJL1jhF0aWBelG4vckC3oxsuO0HGXXYlSWjpnMJJuqK5uv9lPfS-3cPn7G-gGKBDx8YQVCEvvwQLyPf9PT17BSDTY9A0gijqxfUcHI-0tlGMnnP9w2uF9Ayy_Z8P6YdPeMAR1jC02ewo81L-ndiorI0dgfwOwQ0QGl1BN-w2Bw0vz21uOZuwxhsn0LOXaCa38BnacNVBBQ7K266lwfrinDXL9pvL4wmiM7-7cUY6B7ncV6upYcPCjFxZXCZTYXhviB1dEYIIRuRBF-8BgC1N3nvXa4hXe4kb3ON5t5Z75ZjGE8XS8LDugZgmp0Yig2ilbY4ZS9KQGoiM8aavf2NX6NRejOFikmHo6m7D9uR28x0CP_aHLlIskW3B5A3IerpJ77pGVXOXoJIVXjktLzwPiW19_IA38ByBkkUUZsylzuRlS8GsiMQ1zEVWqhqY6cWdin-rjZPl80LJzGY-5Swwv2PmlO8XBjZiuCQxK1GAWnpswhTMwrBfk7XQdtU5TG4wp-ufgLbNd9hePmR7gpG5q3iWVwHnjc_wI1CNTEPzLWCrzG-vXTBe2egOrLzERJUADLpdaEbe35rnwMU7i7OhnhlWT4HQF6xo7ldONlcJ9cTeMoZ36YWMCgkmTptbd2JhQ9LoNd7LXxZ0Z72uKnRqL079giriB5F3f9taEGz10dVrexnVFB0-PwpoOTagRSaPC-Dnbeex2COEr_yebgsiYLw3KNyQ9xX-rifIq1q1Zxsnz0IvIx5KINYRYDQW34wpNXMfhfGsNCinIUzXfDol832q0SfYh9JqL5rtJj72CylDDQk3buAWJDNMGn09kVjd7r3WAbUs6YGa4MSBllXgPm6kUfhy88LBHyhrbA6lB0nK3OSXxaU50HCk9B_K3GQkEpKctNx1Nt7_qiFXIEShT3cL4s-fmIrf27OcPyXIqs99A7j8K5PFSnNWBcFLlDOZIcsF26-7w9qlm4DkIzOZfNB1fO7XjbrPTW32S1MHuRBlKEVLO6981fqspdgxBs57WNT-4dKrQ_qoBs7ITomSwsI-clWvLjN5-Ns3vivBizDB3ULDcQG-C8hFDxFLDiKEjsYnnSskSgu5zQTSJfbQ95YFR0_AaprYtprXWpDF_HCVNWPVh_e7pcVgXhfle_s7IAly4cze8cdvHo5l0lbRDlxP8fPNkc15-IV15aS1AnEtvih1uSAH2wv9NXj8EFh-o3hXw4gatoPsHg9c2N_zG5KBm6bnQtMcW9fwITxQ3XvSOwi3jEPyLSzdy_mSdJJgF5yIS5_AddCLPTLYqoac3caJbwuKZtcvRSjRzRhI2W0KJaB4_XPK2XFyl21Nb8d4x8NXt55_VbO26HeHosFC9jMdd8qTqO_VdgDu-qdo-Ql2Wa8YwJpGt7fj7YqHlGmLSwdchE6iP4juyjkFS4PiVkbpFAjGB3cg_LT-tK1pXfNPBSGkxFFus5t5XKGmxfmoQEjR1pFVsdZrAxAg_YveDJE3P6wHQizcMtFWGekfZtGGTpFgDyTSZVgoXt3Zj--ReU0kIqYoA5-OZtpX4Ua8QIJ09HGph66t1IZbn-N4A2izS_OMpvypYt8xFH_Fq6rXUfHHya6eLkqjm_v7hoKLBB9YpJbHnpxDDB-Hri9edIcaZSQoDPLCnqipYmfLIZ6cYUMcQunGOuFLv3UCRj3dm_Gk0qtvytesZhXt8PIzrgMdXmg8XaB_tu9781JZWtELvDxlF8shZnC8g0u4N6Nda0foxpW5mWz1UWvPaZy6Ta-bo0pfCIgbbRFmfeH2DbVHtdKc0aLd3lPgfbLAuoBjalk_kWcj2wWGR_Wqji7Z9gzc-2sDlQgnu9lAgM2h1yQ2lD-Iuwrx36eS6NAu6gH2kXDaMUyvnx1U6qkKe4iAqb-H6uC-6072nJspZhy7SafSWsWDbd-G6dW6c227Mi2JrnrEN6RCjGmS2v59_eCfGtGuAz-AcS4Pe34kDAWzQ92mvJlekTqj0NK41Ne7V18m6qC1WOb5aEl9CUiPJrrkjxQJYv7MUunI9eWU9hIThpPQ0_9l3AoJ3ZX7ObMUz3l9LaEMPkS_ausPzNv9UXtAZ46tCva69NdZhHKVIpqw0CSa9I9ejNSNkThE21lItgq1ROznATGWNtheZRil7R0SsqZmL-qWwFPyvrFmu83FDX2vzd4JSWvlkW16TcnunCSLbHzjUey_Uz-amSKPP40l3IQmlzQhsznqZYHFr1byYL2gcQnH61xu0-R-5eOGWR08K1vQYlQzlTLGgZlSATk7ev8NvV6pe0NcnkdK2IWtQsUGdnh4I28Un3bvGvN1Q_mwoSSX_bn2QFKY1b9hx0KGWBzGLpsxHqxuLEbGx3ATqSxZqtohuUSRfpQcz5PcMqBdMqkCPrPfMoIsHYwaUEccqhlNPYWB3txCB8fxFPw-lERBQmYNp9RMhyG9yeRAWJnU-57tUY-eRv4_6c&pr=8%3AE805E09688EF2BB0&cid=CAQSGwBygQiDk1DuDGzATUWK7sn6YfdhatneK3GNFxgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2Fainw78r4&ds=l&xdt=0&iif=1&cor=1974257255291366700&adk=2403728479&idt=585&cac=0&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d35a5ce9acfbc3cc426c0cb20d50aa8a5e45c64aea1aa01d9384468c0d8a46db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 May 2023 21:00:54 GMT
x-content-type-options: nosniff
age: 283576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92439
x-xss-protection: 0
last-modified: Tue, 30 May 2023 09:17:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 May 2024 21:00:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 3BA9 29 KB
11 KB 138ms
137ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 21:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 21:03:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 3BA9 11 KB
4 KB 151ms
151ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 14:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 14:15:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3BA9 0
0 403ms
184ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMLuUYYx4lmNvBn-6lrwkZiuXKKBrevP2NaKLBzHjPEBKuev2sSO4oemizuheFbN45dGmC8dBaGwRw6Kp9O_a_EJehlCGcutQ4o6LVtmudmoMQO5XB5X4ILWz0IGp8pyAe0-BansQ3AM1rQTcAVZ6Xs389-MtCvTMkmOEt7JhAG8Pm_HRjXtMjmdCswhxxbWsi6OvAmXKyECyKfRhVCQRfOoxPH3lLTSnfnBR9n4IgiMUUFT3CORvTsC9vEPomaWsTkoOeQb6qTZCsubeaHge0U9ptkw0YvndhXqZHca4QI8Q-dUGO0FvdMZcLokvukxDXPszSJ6ic-k8xYJ_b_7drepmoC-FIjKOaPiOa5o0ulAu-n7BAXPbTsHVjWBYqc72r_c-mD-v4sQRLoEeao2voht2-JbnTt4zTRcclYtonew2hzgyLLVR01FwxeUScxVPqyYrZsbOl7LISRX-wIG8BSdhTnY9KPu-P0ERLqnjIN5qqMyabtcjK0dRbWpUYJAnwEzbX_j3pAdb_A1OuVZDr5Kk1MeCWer5GhUCg97Dje-2ZD9FZkF3cg5r2vSWA54WZy0yyehS5XBunOoC7NHeHUfGxM2i-MHEDg4Pci9OIoIt58raF0qbu8QonCTaq5Gv_bGsGhy8_CAoeZW6I8bzxBk2GaUmAHqH85kCAX86keP6h8Qn8WrvU0SuW8FdNtVvwNxxgPxfZYRDpmMW51HlanBO2fbeuveBmv9gXPpLYwgkK8l9r6yUWG7rr1SEDZ28ogPiazQmlxHA6Woz_efrABBVnY-TDOlJMAZjGrJPQwSCCVgGxsjRU5T3iLdFewFOW6F4Xx4JJDc3RSt4Tmwurg5hjncXHy_GJlBFs5rQaZXLw9Hi6T8QrwrEexYANk-b0J84ffdHPhdOPm3fR-vaJVdZOMgHpFnU7UHRM_7MAxwnVz_0oAJM5m2wwZy4-K5DLMDlLj2xX8_qQyIeXWVCljwszBwtPtY2mdDB9FAnIau8ZPLdehipYnI1JlL8mTb3yu3InqkA373AIox8G4yHasN-K10isM3j6BAPTBkjwo9iWzVQKYM4XVyMWG43CsH6NGJW9tFw&sai=AMfl-YRMzPL-j6LVJYRKDI7-EtugC_2K_4PpTTBarJbG0Q28duo8wRdlrFHjfLZuIWhQxdUPpOEZRcOPT3T_dI9a661fIXWM6hPFOocmP56KRafXgIRQUyydo6uKDvKo0zkU2ofCGUt7ah2mdJpDk8dBZCUkeUcESl_T6xoOxUM21DnJ_c4AtKs&sig=Cg0ArKJSzKbkCGZbSfxHEAE&uach_m=[UACH]&pr=8:E805E09688EF2BB0&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230531.65218&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3BA9 41 KB
15 KB 141ms
141ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A355 281 B
554 B 455ms
144ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
Requested by: Host: pastelink.net
URL: https://pastelink.net/ainw78r4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 03:47:10 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 3BA9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b10c5d75507b2058e34ce5170e4b07a0a27fc6a13021d678ccde552b30c76e2f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B434 111 KB
39 KB 413ms
135ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Jun 2023 03:43:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame B434 11 KB
4 KB 137ms
136ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 14:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 14:15:11 GMT

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 754ms
291ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame B434 29 KB
11 KB 142ms
141ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 21:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 21:03:38 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B434 41 KB
15 KB 142ms
142ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 832ms
283ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 2
server: envoy
content-length: 0

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 825ms
276ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D0AE 111 KB
39 KB 516ms
255ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Jun 2023 03:43:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame D0AE 11 KB
4 KB 138ms
138ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 14:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 14:15:11 GMT

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 835ms
280ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame D0AE 29 KB
11 KB 137ms
136ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 21:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 21:03:38 GMT

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 389ms
280ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 288ms
287ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D0AE 41 KB
15 KB 190ms
189ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 123E 37 KB
12 KB 479ms
194ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3573e1d8bb1f663a088437f90cc48936601f7ecb9524a1ce0f700f7ae45e5f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 12238
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 03:47:10 GMT
expires: Mon, 05 Jun 2023 03:47:10 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 516ms
225ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Jun 2023 03:47:10 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AE0A 22 KB
8 KB 145ms
144ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 200408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:07:02 GMT
expires: Thu, 30 May 2024 20:07:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 13D4 22 KB
8 KB 141ms
140ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 200408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:07:02 GMT
expires: Thu, 30 May 2024 20:07:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame AE0A 38 KB
15 KB 137ms
137ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 03:09:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D02A 22 KB
8 KB 143ms
140ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 200408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:07:02 GMT
expires: Thu, 30 May 2024 20:07:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame 13D4 38 KB
15 KB 138ms
137ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 03:09:21 GMT

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 286ms
282ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 2
server: envoy
content-length: 0

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 278ms
278ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 531E 22 KB
8 KB 145ms
140ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 200408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:07:02 GMT
expires: Thu, 30 May 2024 20:07:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8C23 34 KB
10 KB 145ms
144ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jun 2023 02:29:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81685
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 04 Jun 2023 02:28:35 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A355 34 KB
10 KB 163ms
162ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jun 2023 02:29:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81685
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 04 Jun 2023 02:28:35 GMT

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame D02A 38 KB
15 KB 145ms
145ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 03:09:21 GMT

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame 531E 38 KB
15 KB 138ms
137ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 03:09:21 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D7E 0
0 173ms
173ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzdHdjVyEXztmQLn6A4rQMwJY-dPIhaj3dlxTlnXKQtuCu0usJo9dinoWBnXCvxYf290eP0TGqgaWXide1VbFkv8m7XA8YV_tal7WW8LFKkFfKbghl8tyn9E5rt5yCVOn_idvEaSXdYOoFzXbQgBVl2xJo5YpgFDLbBxEgXeRAdMPiFU1YGKwe9W3NqTW7nUJSVT3nwZUUdjG6_bNRtZ_AqTTAyT32j-7u6yGFjcDLyGZRVK5B5W98mOBlhsLc9FzYaaiGWoBrvcrDS7cWHICVv54V9nlj2qI9qhPAs1MNlFzycPqLvpHIMljmpf0x2aUFw5TjN_WiC5qV0uvuLpzi7TtMwoOZkZNz8z1TzsUjAM0WShQfMS96_4plSQrzyL_UXEamn2WdsZNxjpVHjYdM37BbDbBmJS7p2T0fEUHJpjUseCEMyCbZqtDbM-GSZxIvDjXDwjjwrfm2IjUl4vhND-R8KMnqUeRLj34isW6swuztK_1XBx1KryfKeAedFM8O6LFcjdX2oRuwBJGHkpxF1GhnpQRzUmIrSNpJhrOcOQkxCGuJ4SjZ92PhEYOJJhjXWHPd_PZYzCjguxp2ZlN1UwwLNmxCu4M0X0vD7_uuX2Fyngmi58M_j8nJyM2p8lR3Tk0qXHPsrOf8jPxlw7fGZms6uIXMGXoEPB46oZsxLQld9Lno7gpyG9H42u-FsPWV8B8NBioe8Z25naAM7O1n5JJufV8NUM2nKeI0SOeQBaYpN7RaatDOZ70e962fHsvJL05izHml6-Q_uex8REMjx_K4cDDcxaubQ2lUBSakVTnT43cwNn-8ALtZFG2B28Ap3EjRLd9VjYccKKFtQMkG5gmNVGUxjz1g7l6xckjpWfVChD-4lYWctZ9dt-TzTZEuQy-FhNSA29yhhpekZFeVjEaaZ5S2-If85oHWbkUYlElzeUr087lyCQFG1o4LrKf4_LRLP67I7-fBZ0CbcSMkdDHEM_tfhktc170kgIpWOHh8-fdTXg_yDh15wjkWwurs1JQ7L9XIdCBM_JJ-xnbcIm2tNG5zCx4NTQqe5t_NGjFk9z16SnZG_awrXfy4y7W0DuTheEI&sai=AMfl-YQpYWgWotgh9LFczCsP1lEAQ5dDA2uneppeH2jQI4xLZ32ENM5mEIvR0hGroOSLZ5XPLuqzOmKMI-E-tBYYWOBS7az7oDBaaYHKD59LY1yeMiX-yuRz8ugH8GTWv8PXTLMpgA_wr5GaLRQJf1hhT8s5efiej5aCOe8sGMoWF4GRYbV89HM&sig=Cg0ArKJSzKRb1NFEwlp6EAE&uach_m=[UACH]&pr=8:E805E09688EF2BB0&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=695&vt=11&dtpt=693&dett=2&cstd=0&cisv=r20230531.34183&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6D7E 0
0 175ms
174ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsYYnGfhtHcg0JzD5N9yfWeD0DwM8PQMDBH_3w9Qc3LMIA57yMbsRYOReiM8Ww7310VPEwbi4QfLq8Tjl8JoaVkAkVYKm8pzbsdESN_mEzORe3Q4mOEvXfagUMbFB-RXIUJn0OqK9KA4qDAGifRYNp0qIS_IfTgK6fm7QqULfnVLDeVP5vU3PrCJLPTMbBHXdEAy1NfJPOuAyynhEmRLc3-0rBScEbZiZtwcpE0E9GvaOlwNv9GV7USeuTws2vZZ1plm4L4xE5ZG95DJCl6Bu-J21kRB35j9UuVWXzBDb4V7hH2D1zdkcEjEOTSk10btWdiroXPM089fU9E3VGWBLx-SyAAQ&sai=AMfl-YQPQq6XR1lJpbSV1AAiigA2KYd9W1iqI62nBMURPzXSq5mihtgF5GauVPJr6Zbjmi1nFQWHFnS5HzkWG2xrd_RbRSm5FtdLzM0W6zxMtrjZ4Pr_AMsZQcZS5YHW7m70YFT_htmyrDiYCVXcxG3p&sig=Cg0ArKJSzOk_GfvmsCPMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 191ms
177ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305310101&jk=2139559599567410&bg=!AgGlAVXNAAY9J7QfHSc7ADkAdvg8WldbSqtckCX6qoUu0xRNYkSumcDKYwAgVM7jkzXLWESmP8e0L-vXPE1fRPIzpT7TnPtVGBICAAABIVIAAAACaAEHCgCLSa_kTofBSjYvvMdjNx7t5uMLsqeFytudDyId_SmCIU38MFY7b-foM-XnY1I8fnajAKPXBCv9aO190xWdlpZhD7hY0IsOjZvBt1-cSdMDmv1Mvu5X-D8swRyCVPg7E5U-vG7yeE03Toa3sG-eJqEmYk33B-WQ7ZRvyRRZS2q-zrmFI8Ya2poLH9LlrpkCnJ3TTX0kMKLM6sFVRxgvLxw46E12Ztkyeg6F7Af3Sp5KU9tF25ZWfuolBUPmKW2tbtWsuL6R_AlLH3jtET8-T1SZlYelBraiFCHvVj64IFOaug8QU5yo48I5kS7rjDo9kRTxMYNWe5jnhN3DYeK8g0QUvGlz0w_2neiSF43brE82feXrgdvDdaj9Z5-MMlbaGNJrfsGkNfTYBmiuvUCwXsvBqAdoSCYWxGsqXBnqa9I0Yj1H8qZ2qby7FXWMk4UryNkXufvFiZKVI8kSqc9bJa7urHKkW3ziu55XbmqlIKXGwgH_988PribUbuJs-cgFItY3ve6oTQe45tUzUgja4pQZBlp5b73DLuGVV7H-n3P6OX4mlaXfy8Svk-r3gy6skcCLYavji4YTp5hg8ZoJ85vEbKlJBDpNecbIpmXqFrZ0e1aAUiQ4emFKUeR-EQy9jqdmmX04WbshfO0h_ONhv6SFTWsxlUoOV1owdpHOzShjkSWZEGJXoQiEN0dbs5cPXc3BMKfZ-9XlAt_eRBVbjR-7miu7wnXfCaO0VKMtVLMiGBhEFjBkD3X5Ogos3bs_4tObhB9_iQDBIE9zHlNTGZ3tHvLl-bcZl82DhLdJpPmBtVtW9aqEYZmlxjexyi-Ged1vQH_OAdqWA0ajotk2uOib85gxuW_Joy7xh0DgwfhipEQNCqHSpYq61dbp6HEvFIsb1RKztRcOgeUIgRWpZPco-HX0CQhs_k2yVXd8RV6dU6IipflI11vYS3xU2YIbgjZYiQgy04hRGGywxjbT7rNVoDhYVvs6C2DiGG6zUIQeYQaTt0EX17PA5MR6wOR8rTlQCdwwyjU-hWNXQMHSa-w8pu-rIm6RALc7TD_5KNKGkXb41PHg78PWrKee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3BA9 0
0 192ms
179ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMLuUYYx4lmNvBn-6lrwkZiuXKKBrevP2NaKLBzHjPEBKuev2sSO4oemizuheFbN45dGmC8dBaGwRw6Kp9O_a_EJehlCGcutQ4o6LVtmudmoMQO5XB5X4ILWz0IGp8pyAe0-BansQ3AM1rQTcAVZ6Xs389-MtCvTMkmOEt7JhAG8Pm_HRjXtMjmdCswhxxbWsi6OvAmXKyECyKfRhVCQRfOoxPH3lLTSnfnBR9n4IgiMUUFT3CORvTsC9vEPomaWsTkoOeQb6qTZCsubeaHge0U9ptkw0YvndhXqZHca4QI8Q-dUGO0FvdMZcLokvukxDXPszSJ6ic-k8xYJ_b_7drepmoC-FIjKOaPiOa5o0ulAu-n7BAXPbTsHVjWBYqc72r_c-mD-v4sQRLoEeao2voht2-JbnTt4zTRcclYtonew2hzgyLLVR01FwxeUScxVPqyYrZsbOl7LISRX-wIG8BSdhTnY9KPu-P0ERLqnjIN5qqMyabtcjK0dRbWpUYJAnwEzbX_j3pAdb_A1OuVZDr5Kk1MeCWer5GhUCg97Dje-2ZD9FZkF3cg5r2vSWA54WZy0yyehS5XBunOoC7NHeHUfGxM2i-MHEDg4Pci9OIoIt58raF0qbu8QonCTaq5Gv_bGsGhy8_CAoeZW6I8bzxBk2GaUmAHqH85kCAX86keP6h8Qn8WrvU0SuW8FdNtVvwNxxgPxfZYRDpmMW51HlanBO2fbeuveBmv9gXPpLYwgkK8l9r6yUWG7rr1SEDZ28ogPiazQmlxHA6Woz_efrABBVnY-TDOlJMAZjGrJPQwSCCVgGxsjRU5T3iLdFewFOW6F4Xx4JJDc3RSt4Tmwurg5hjncXHy_GJlBFs5rQaZXLw9Hi6T8QrwrEexYANk-b0J84ffdHPhdOPm3fR-vaJVdZOMgHpFnU7UHRM_7MAxwnVz_0oAJM5m2wwZy4-K5DLMDlLj2xX8_qQyIeXWVCljwszBwtPtY2mdDB9FAnIau8ZPLdehipYnI1JlL8mTb3yu3InqkA373AIox8G4yHasN-K10isM3j6BAPTBkjwo9iWzVQKYM4XVyMWG43CsH6NGJW9tFw&sai=AMfl-YRMzPL-j6LVJYRKDI7-EtugC_2K_4PpTTBarJbG0Q28duo8wRdlrFHjfLZuIWhQxdUPpOEZRcOPT3T_dI9a661fIXWM6hPFOocmP56KRafXgIRQUyydo6uKDvKo0zkU2ofCGUt7ah2mdJpDk8dBZCUkeUcESl_T6xoOxUM21DnJ_c4AtKs&sig=Cg0ArKJSzKbkCGZbSfxHEAE&uach_m=[UACH]&pr=8:E805E09688EF2BB0&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=665&vt=11&dtpt=664&dett=2&cstd=0&cisv=r20230531.65218&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3BA9 0
0 189ms
176ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvG0ByhISn06Dmce7-wYJwdL5cbAm-_qe0q6G4jzjV54-Qpljw40gxJZgz-wtuzID5wwA2FoKOo8nVmPXuCoGpAdD2JdBGNj0daAcksN7YGfTwXFuZaG8QVGHesV09S1Zh8fSI2LZJGJpQh_4nFcEgYdzps9R-CYRGpvo8VE3EY2iWOFKno8klc1g2jxYu-fxyciDaisN7p9Z2zi-JB4YgQzWif509hleAakOPl6YVggaIDCmTS3cOt8Frlya8ESDI-zHOjY6ZiDMUPXQ9DjOTPPR2IKxX3oVIqXXyVGvgxtXSDPfTC6zMw0uGKLQmtC8BouPVBoMRi-qA6Jkjol4cHH3ucoy8mA&sai=AMfl-YTunLWnMPmj8_51WUKQu3EMajrDLdwlFjkiS9m47xAfhTEmddknrJ0_cIjkgXjb2D2v2azb-S0G2PPizv-NMVYcf7ZPe14OgjKDvHdKrJnrOaAaPXPj6QsYtGmZxK-_tK9VOSldAtSz67kw8Zkk&sig=Cg0ArKJSzL7n9MRJuL9mEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 123E 61 B
301 B 442ms
147ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 269254
expires: 60

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 26C6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
554 B

150ms
144ms

Document
text/html

23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 03:47:11 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 03 Jun 2023 03:47:11 GMT
location: https://eus.rubiconproject.com/usync.html?p=medianet
server: AkamaiGHost

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame 3472
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Drkt%26refUrl%3D%26vid%3D576403066532876563042625540...
https://contextual.media.net/cksync.html?cs=9&vsid=3287656304262554000V10&type=rkt&refUrl=&vid=57640306653287656304262554000V10&ovsid=5133329525987312891

235 B
659 B

194ms
194ms

Document
text/html

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=9&vsid=3287656304262554000V10&type=rkt&refUrl=&vid=57640306653287656304262554000V10&ovsid=5133329525987312891

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 235
content-type: text/html;charset=UTF-8
date: Sat, 03 Jun 2023 03:47:11 GMT
expires: Sat, 03 Jun 2023 03:47:11 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

Redirect headers

Content-Length: 0
Date: Sat, 03 Jun 2023 03:47:11 GMT
Location: https://contextual.media.net/cksync.html?cs=9&vsid=3287656304262554000V10&type=rkt&refUrl=&vid=57640306653287656304262554000V10&ovsid=5133329525987312891
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D8CF 16 KB
6 KB 428ms
140ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29654
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 03:47:11 GMT
expires: Sat, 03 Jun 2023 12:01:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cksync.php
contextual.media.net/ Frame 123E
Redirect Chain

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640306653287656304262554000V10&ovsid=[UID]
https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640306653287656304262554000V10&ovsid=eb37c243-e762-4663-8f4a-e46868cef88e

61 B
472 B

162ms
161ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640306653287656304262554000V10&ovsid=eb37c243-e762-4663-8f4a-e46868cef88e

Requested by

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:11 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:11 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-79
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640306653287656304262554000V10&ovsid=eb37c243-e762-4663-8f4a-e46868cef88e
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cksync.html
contextual.media.net/ Frame 123E
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3287656304262554...
https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D32876563042...
https://contextual.media.net/cksync.html?cs=9&vsid=3287656304262554000V10&type=opx&refUrl=&vid=57640306653287656304262554000V10&ovsid=5178bca0-cd6d-0f95-092c-d6c678c904d9

235 B
235 B

167ms
166ms

Image
text/html

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.html?cs=9&vsid=3287656304262554000V10&type=opx&refUrl=&vid=57640306653287656304262554000V10&ovsid=5178bca0-cd6d-0f95-092c-d6c678c904d9

Requested by

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:11 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: text/html;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 235
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:11 GMT

Redirect headers

date: Sat, 03 Jun 2023 03:47:11 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://contextual.media.net/cksync.html?cs=9&vsid=3287656304262554000V10&type=opx&refUrl=&vid=57640306653287656304262554000V10&ovsid=5178bca0-cd6d-0f95-092c-d6c678c904d9
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET rmp1r1
sync.1rx.io/usersync2/ Frame 123E 0
0

GET
H2

200

cksync
cs.media.net/ Frame 123E
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzI4NzY1NjMwNDI2MjU1NDAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEC9v7xdlIRJEF3dyI0xmWEk&google_cver=1

61 B
453 B

168ms
151ms

Image
image/gif

23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEC9v7xdlIRJEF3dyI0xmWEk&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:10 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEC9v7xdlIRJEF3dyI0xmWEk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 123E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Ddxu%26refUrl%3D%26vid%3D57640306653287656304262...
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Ddxu%26refUrl%3D%26vid%3D57640306653287656...
https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=dxu&refUrl=&vid=57640306653287656304262554000V10&ovsid=EcXQKwG31Q5ier5

61 B
458 B

193ms
170ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=dxu&refUrl=&vid=57640306653287656304262554000V10&ovsid=EcXQKwG31Q5ier5

Requested by

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:11 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:11 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=dxu&refUrl=&vid=57640306653287656304262554000V10&ovsid=EcXQKwG31Q5ier5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 123E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1429da15-ccc0-4ee3-b308-445f3f95edac

61 B
623 B

168ms
164ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1429da15-ccc0-4ee3-b308-445f3f95edac

Requested by

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:11 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:11 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1429da15-ccc0-4ee3-b308-445f3f95edac
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1007819
content-length: 0
expires: Sat, 03 Jun 2023 00:00:00 GMT

GET /
b1sync.zemanta.com/usersync/medianet/ Frame 123E 0
0

GET
H2

200

cksync.php
contextual.media.net/ Frame 123E
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3287656304262554000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3287656304262554000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=26e3c68c-4921-46fd-851f-7715b86baa3c&cs=1

61 B
472 B

165ms
163ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=26e3c68c-4921-46fd-851f-7715b86baa3c&cs=1

Requested by

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:12 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:12 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=26e3c68c-4921-46fd-851f-7715b86baa3c&cs=1
Date: Sat, 03 Jun 2023 03:47:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync
cs.media.net/ Frame 123E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c

61 B
457 B

149ms
148ms

Image
image/gif

23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:11 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 199

GET
H2 200 log
hblg.media.net/ Frame 9791 35 B
191 B 151ms
150ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAAAAAAAAAAAxQ_ARAZDc1ZDI5YjAyOTVkNDA1N2I1ZWFmMGQ3NDBkYzMyNTXckqXEBZYDBEdFGnBhc3RlbGluay5uZXQSOENVMTg4MzFJPmJzYS16b25lXzE2NzU4NjgzMjQ4MjgtN18xMjM0NTYOMzAweDYwMApldV9iZQQyMwxQUkVCSUQSOFBSVzIzSEc1BDE2AD5ic2Etem9uZV8xNjc1ODY4MzI0ODI4LTdfMTIzNDU2AjA8cnRiLWNvbW1vbi01OTZiOWNkNWY2LThzbjR0LkJFAjAABgAwZ2VuLXZibHRfcHJlYmlkX3Rlc3RfMl8xRjIwMjMwNjAyMDgyNl9nZW4tdmJsdF9wcmViaWRfdGVzdF8yJmdlbi12Ymx0X3ByZWJpZF9hbGxcJE1FRElBLk5FVCBFWENIQU5HRQICYg&evttyp=1

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B434 171 KB
53 KB 162ms
161ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/3244123426570389665/ Frame 2227 70 KB
20 KB 141ms
138ms Document
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

6e89f6ccc603e7c485791be3224ecb1e98b265796e2208ed247fd8adfe46b012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 219023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19941
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 14:56:47 GMT
expires: Thu, 30 May 2024 14:56:47 GMT
last-modified: Mon, 08 May 2023 13:05:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B434 0
0 180ms
179ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJ1JV1fR1HWWiT-eCGbbEO6If1qp2Ubl-ATaEcPQYup3yTUpEubpcPoGn9QJtkQ6CFZY25pIjdT57p_EVitQgfTDMI-h2TNBjz46dRYKiM8x1vRj_wocA9zuQbN3gvDrURdyDxai1M4OU9x40mXbUpKhpPZNQyuwNUX45I7CFTQFv2O1Ef40eXEUSuyBkH7JovK_wV1qQg&sai=AMfl-YR9fdpGDQXpMCgow-57KtCNRc9flsBhOdCGwtxNZ4RteYRfg00_JnLuvB8FL9fQq3oY1J8urEWsUWYlakUJ83ypDHN1mbk_0RoItKXHEWdGJVfdpqu-xS3abULlf0AX068&sig=Cg0ArKJSzNdkgBsI5XDjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=622&cbvp=1&cstd=618&cisv=r20230531.00663&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8C23
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2QXSzswRTryN_V-rHRqAkg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2QXSzswRTryN_V-rHRqAkg

43 B
479 B

325ms
235ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2QXSzswRTryN_V-rHRqAkg

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ND524G08K00JGCKGXPHF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2QXSzswRTryN_V-rHRqAkg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET token
token.rubiconproject.com/ Frame 8C23 0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8C23
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECN3Y7f_ctW35jFZe93qCoY&google_cver=1

42 B
677 B

607ms
147ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECN3Y7f_ctW35jFZe93qCoY&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECN3Y7f_ctW35jFZe93qCoY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8C23
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=&expires=30

42 B
677 B

235ms
153ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame 8C23 0
0

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 286ms
286ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 279ms
278ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 2
server: envoy
content-length: 0

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 278ms
277ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0AE 171 KB
53 KB 215ms
214ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:47:10 GMT

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 281ms
281ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 285ms
284ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-envoy-upstream-service-time: 6
server: envoy
content-length: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/3244123426570389665/ Frame 27CC 70 KB
20 KB 139ms
138ms Document
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250

Requested by

Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

6e89f6ccc603e7c485791be3224ecb1e98b265796e2208ed247fd8adfe46b012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 219023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19941
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 14:56:47 GMT
expires: Thu, 30 May 2024 14:56:47 GMT
last-modified: Mon, 08 May 2023 13:05:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D0AE 0
0 176ms
176ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstG8AB0Ob8D4j11SOTWolBvNX6Bdl68m5vDQ2eaJLB4R1Oi8zQT4Ps_o-DbTra-kQfPCy9WsJYWXFJBtnd_ZgslAfjjZL2I5GBhu6hUHoef_gEzI2szJ6oae0shusYH2aFZCcZU8eFlmdjawMH8ilPlu8xxac6bGl8DKTBdE9S3nc2yE0A4p5pXvOSMUsrMXGToGYxvPhpy&sai=AMfl-YSx7ZxS5fXIdrG8Ycx-L8yuJvb8PM361IOa3RQlGsMKNX03kJYnZpapZJnCXYqcZGFGL_XxYLtdZpXuaIhfGaoMVqJ9q5u7bNTEj_4Q8l2m4GG6Popwz4-S6XC1kSIRlcE&sig=Cg0ArKJSzBhUBQPa7HPLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=649&cbvp=1&cstd=646&cisv=r20230531.44101&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE0A 0
20 B 179ms
178ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDHeQvbd6ZK7RJJak3wOHz5aICgAAAAA4AeAEAg&bg=!w8ClwJTNAAY9J7QfHSc7ADkAdvg8Wp9iB9V4-LIa6qRkSZ56PkCX18yxgu5YDJoQLV6v_MgO08sPuAWk5dnjvxrRYAy0ixCd_HoCAAABCFIAAAACaAEHmQKqofcMUd2T6iDi-Ljp2cyHEDnnLOKCXY7TfvprsECOBfGBAOBqd7eybTSLOoF8NGjUftAjBK2-rEicmaSPDrFOJuG2ZbYkt9_WEp_S1NEHyaxsPEsnBacMBwalLKfwatuiEAP6iGRGwNOjvu-B57HMhj_R4AwJoR3RFLrnccCL1qDF6bZXKz3SkX_gX_PAJbiZ23W_FMPncSON3UXdcVj9YPFc0pXaAUtSbAKidA39WRvvZkA0QFsHZLXancNjgfL98jhUIXvTcJFhDxlpNJXbyETuTzgRJ-NCHlQIb1ygEQCAkoxtdTuFd4josBbtsLVn_BSrPN7rXRObj_kkWIJoJFUoOH5cmwSTQRS1mVguGPKmEjv1T1Vu4Gb9NRF5QLcvu7zzdiED8uO3cgxiUDE_G-5-gZ1Af2YUd1EBLvJMilrqElUyqCG0PSCeFuqYgz2Tw8v1bNhP6iB5Rwe22KKTxuwCi-tTJnAaJGYssl_tJLEMWTCK_gLpz4cJt-oXayKTS_eAyaH4ZPt8_sxfdJHlOnTTzi4zwQo1-64tLWmfzOnoXePyBN3lopNdGy8De2tbEbqeCiSEC6KI-rMsQkyKqq1r1FLvIEZeoyS8uy1GWfw8w9MYCMhs0lF57nzfGlP7uourol6nAm_uvCyn4dHvhWCrTjsTvuVLHwxuaIwzraFYdkpv5iYOETLSVVNM6BlgjoJMmu5fgfwKswnPMyCVq_vR_fRwF0ukeceubGMlHDV-iTVrQre17WiCBzStYM6vgmptwqhhxLIDba9hieHevv4g48wk6RX2NOwjE9h3I_nkoKpe7l0XweJboXuv0NXmVkKhuWKcPljZHjMwXfbutqivqh4wFUVuGiB0ZUMOP6qo_7dR3GIMiJhXCfSD14qqZ30gCEsbDKZnnQ

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0606 15 KB
6 KB 317ms
149ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 03:47:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 361297
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 507ms
218ms XHR
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Jun 2023 03:47:11 GMT

GET
H2 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 2227 32 KB
11 KB 146ms
141ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Jun 2023 04:31:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13D4 0
20 B 175ms
175ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl4pKvbd6ZI7FKsvVgQe5-L3QDQAAAAA4AeAEAg&bg=!WVqlWg7NAAY9J7QfHSc7ADkAdvg8WrX4x39dv9wilahnO6CB2qsA9oXxj68gMwhxLtnOb5bgDNEm9Xf4ZQNrCloN0N5QU3aXOMsCAAABUlIAAAADaAEHCgCBQ3qoBL8lgJDLbpiVS693JyXiOB_itni3GdoLG5_kdJRaZxp92sf16EW2GSZ5yDNMr0291_kMkax_yIEzriIX1q8dpBg5b4AJSYPj_clO_baYlgU8q8S1YzbLxBaS6rOOoH3Ikv2vIEPS26LxyqZ1CvRULGZO9v7Egt147c_pa-wImQK17ajxlMEGTBldsDkeA6oRPsmofnjLAvGmgIZk4zL38kxK-gLqvWQDXLe2olFN50s6BtiOPniHWxT_i8TiMsdff_Ihv8QAoTyATZavfZGWwwOXuYoJWorSTp-diEr6bLmEjlVpIzAkF7IU5mvZwPKXwth8lIFe_GLfaEnFZ2QAIYP23Ai2eVWfFnL6Ld6FYCCG-yeMngAuj4rWi5GMFL_hbUDI_r9b1_bp_xobKB5AubPktMs3bTsvywBR-8KAPtMMYAaPgd-6SA1w6QZk-AkrcnakSawtndigW2yxh0PDY7O0JDcyYYkkOtRGCjtArzbIJex-g1m3-CwvCl4x39AQoHxxHs_SBUKupkf8k1iT1wkiSyvmarFPLJHqp7K3SXOoKjhntPMyt6mccKV_Li9gdEBrmRHJYfaa381q_QypfoG38B-4luHFedUramGNBzb4FjT0BIzkQ5qSLkv88V3vcE32tuoiCo9WVdshhUNTshNOrsvZ4UB4jyCZ49qLQ9GhwPQyhbpIFsYxw5dZVOW097fp-9TCLGCsCYLP2d3KueD8C7AU-YnfrZ6oJOTS9tj_Og8a1cAPZPcL5Fh6R3ViLHoxPjJyswumiQbxRJByj3hOgXf85mO2iZmqnKfLq2Sc1La6KZ-Py3t15Vcme_4SaUNMVgehnv2byrq5YIT4eUB7zubuSMO9QXcyXSfkn_fj61l1aVrVr7h7NgAJeHcwzJyUkvBNenwZPm-ylxKFHLCYOA4EDC5cs0a5om_mnSH6q5pCk2HEqoYleEID59le02oguzzBa5ABWHCach1Z62_7dvG3hauIsDsoyPjklQdpzZK11ipJT0DbPoPZi_0R2AcqvrdT3WxovD4bOzHZSPaGkql0hePs2AAy6ozh_H6mIsihGXHs9yikUIkG4qpyTuHgATij

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 27CC 32 KB
11 KB 134ms
134ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Jun 2023 04:31:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D02A 0
20 B 174ms
173ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_fqFvbd6ZIOkMMvw3wPUgI2ADQAAAAA4AeAEAg&bg=!RkWlRRHNAAY9J7QfHSc7ADkAdvg8WujGzOJhIiPyNwWCjI6n6fz9xrgRB7-xiI723T4izPR200hFRHsomuCMyBnp7_lrjHi5T-kCAAABEVIAAAADaAEHCgCJHCdZtLH0a0hORB_2c8ZjyNxeOKEHgNe_p1Tz1VjKCU1CFJnoCeqNdbJAppvzVRpmG9WoMGJJzBBRrFJgAiBstvlmHuDKYxX94uH8MUs_gr2ROq9V4N1c4OIpQ66snoks1GnmM60wPloJvySzLPdMhqR_HXK3nasj9uYes4CDgJDCIykelrSxGQWZAt2emsVXQ4wCLIZ3M9TVPQ7qndOJTVeNaCWxf_rSxm2tghwMqRo0WyC38KI8qBwf0tiAveE8AgvVIjYIYuY2bAMioc71VFy6T1w-aqCj-4VSQrGlssO6nmeuFzU05ZzdTrWWozUp9_ke1f4YmWEUjKSFIljHV9nmTeM87psw4a0V9T_hgSCymN-5Akp4gODYJyZT4GsM8mGC9C94LAmgnEmoVcSrsyQ8mipAAXAe5BI3mmO4KmvZozefl524qbL7RFsLGgjttEKBk-A48OQSQQTdg6-dybAPAHKOybgoypRirJVwinsDZky2ujQn87eVJhcOnL7_LrvTh4RiZeh32y9ABXbwavkul9YV5MMjVbDgY9UjqhQQYmBhWfe_ELFw9Ago7h2QVCaPSIIKTNAcm3a6ldf9YprllMSGugQnfI7I4xm4grOqrjqzTFMsOzoEwCDP9e5BWT5wtpKa9ZUqWJXx7w4xJy2EP5CdSoOsY4g8ZwJlXw7bF3EzeRlEnDxO4c3useJYvVXn3Ed8L9lUyVqGuUcpvw4N-THU6S421ajhLMh2NkyW_BYYz9FpyPog7Sf7h8wIrAMmfNGVsBE24EYhmclp8NcqmGmVdXIR2qzTPc0zTFHeRNKidzdWUSU-5RYzQT7MxepT-6qR8g4oFGIhnhbx-6HnOvx1OaJ-zm2LZUXDywjHO5fwJexmAUwljMLKn3yBr3iVUxFwGgwS0bkrRLpiwd2OXn2s0Zh1GAG2qLbsrY4JIV8qz7x8uDMXTk_VPMCyLT001lTOHhQqmZO2PdPVUeRUnt2PKUXbxDwq5k3EP7mUa_RDOrHXzaWthI1_ZfL4KTsFy6DWFeJ8KkAP1EXYVLB8yGDOFG5BCTqyNisva02CM5e7FmTCmnfIB2ZPIk6_1U-PzHiXfhNabLw_ZmuB5crrPn3zrVUAJIEo-DvMJFL8Dbtzhz_W6LXZblyn4ImAqxEZ8FvK7nVW

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 531E 0
20 B 176ms
175ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVNSivbd6ZM_YMI7y3gPKka_YCwAAAAA4AeAEAg&bg=!-_il-KzNAAY9J7QfHSc7ADkAdvg8Wl_HYbdQHjz6568IE14GF7njVt2CSZRogbJalgI5CWKFpHkJxtIRIjwq7sSer0LXlGvHDDwCAAAA8lIAAAADaAEHmQLPhp2zkl38GWljKZ_I4VThb9dyhwtkfNYqDuZ-tPXeQLaW2F-VcGaHbWt7O20CDzUBSzM1N99gJhyxgznz3r0KsDmS6-4fA0rEjHS_dGX-MxGHOndCktkgTfPwefOoBUN98_QiN3BXA3nxWZXG8k3GU8Jjb1z5oApv1DeIllFNZv0VvDFVlj6sWIbB-KbtBccrgMV3lp5uv_LB8YqKRZXCAflger7f5dWJLLht6vSrvU-_rgPtdXw8hpKG6lpfLoof7j-aoLQuwMCzYiPGPCOQr3VCzX1jOWSx74WqYZX6Wri8zFGa4ISOnMiZhsFEM-u_lytlxDT0p_3hSMH6ejZgJS8t9VQy4CyL1sH8iZMnsYzi6u8dgo4gwR1GE0Xb8XtcEIOl9xfNMLW3XKEjdJQ150ZlhdG0ceTm48nsGw5m18CcMJ7gRYNGJ8VPEDMzirKtrv4vXyRJ9KmSr5FD90tKWjMxzmMDmOU_7ucHvsSv6tI3Gy1cAEMn-ykTGer9UXeUCMJlUBJcCkx2PPCB4XB7yxNrtJuGuhBs4XFBAk1mtudVOrwzjInS0EsxM6Fwv6BTpt-UqM48VCFKIT1n7U_g6_IZCWbNtuw0Vf6fxbPxi1lJR03buHG5bD8b9-y5VKD7mMj7cHjYsw0s5Sd3rLl89j3vV6AJ65ABIhihGXUXzytr8J5Em6rHZkRTZ0dS_81SjZIsPWPh1DezbzoDbv3YZLPaifMsxlPNh_8JD-6FbtT4av445mQq48mQJ64IFhTEuQwEGyQgDhm9DEHG6BRw0Tj8W9B6MzR6TgpErsQpDTSMD7cfWkKUIVDaDb6mS8To8Vvi985tYwXuD1wrVY-5tBm-ttOWhQflXC-mKbGsoMo5xesW8V8sSZa9OZL4qwc413GKd4yvyfArtfsAIeFM8R0AlkpxyzgbH3IFFWeHAoHNchvE9WsGiQTHlGjIpLY

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B434 0
0 171ms
170ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJ1JV1fR1HWWiT-eCGbbEO6If1qp2Ubl-ATaEcPQYup3yTUpEubpcPoGn9QJtkQ6CFZY25pIjdT57p_EVitQgfTDMI-h2TNBjz46dRYKiM8x1vRj_wocA9zuQbN3gvDrURdyDxai1M4OU9x40mXbUpKhpPZNQyuwNUX45I7CFTQFv2O1Ef40eXEUSuyBkH7JovK_wV1qQg&sai=AMfl-YR9fdpGDQXpMCgow-57KtCNRc9flsBhOdCGwtxNZ4RteYRfg00_JnLuvB8FL9fQq3oY1J8urEWsUWYlakUJ83ypDHN1mbk_0RoItKXHEWdGJVfdpqu-xS3abULlf0AX068&sig=Cg0ArKJSzNdkgBsI5XDjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=968&vt=11&dtpt=346&dett=3&cstd=618&cisv=r20230531.00663&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:11 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D0AE 0
0 182ms
177ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstG8AB0Ob8D4j11SOTWolBvNX6Bdl68m5vDQ2eaJLB4R1Oi8zQT4Ps_o-DbTra-kQfPCy9WsJYWXFJBtnd_ZgslAfjjZL2I5GBhu6hUHoef_gEzI2szJ6oae0shusYH2aFZCcZU8eFlmdjawMH8ilPlu8xxac6bGl8DKTBdE9S3nc2yE0A4p5pXvOSMUsrMXGToGYxvPhpy&sai=AMfl-YSx7ZxS5fXIdrG8Ycx-L8yuJvb8PM361IOa3RQlGsMKNX03kJYnZpapZJnCXYqcZGFGL_XxYLtdZpXuaIhfGaoMVqJ9q5u7bNTEj_4Q8l2m4GG6Popwz4-S6XC1kSIRlcE&sig=Cg0ArKJSzBhUBQPa7HPLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1009&vt=11&dtpt=360&dett=3&cstd=646&cisv=r20230531.44101&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 03:47:11 GMT

GET
H3 200 1_300x600_1.jpg
s0.2mdn.net/sadbundle/3244123426570389665/ Frame 2227 262 KB
262 KB 138ms
134ms Image
image/jpeg 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3244123426570389665/1_300x600_1.jpg

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

c3b7f9cd42fba6931d9cb9acc435e69b7702384253c2d44b575f5dfbcc4f870b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:45:33 GMT
x-content-type-options: nosniff
age: 601298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 268607
x-xss-protection: 0
last-modified: Mon, 08 May 2023 13:05:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 04:45:33 GMT

GET
H3 200 tetesept_300x600.jpg
s0.2mdn.net/sadbundle/3244123426570389665/ Frame 2227 344 KB
344 KB 145ms
142ms Image
image/jpeg 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3244123426570389665/tetesept_300x600.jpg

Requested by

Host: pastelink.net
URL: https://pastelink.net/ainw78r4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

151019919e1c3ef6d9d171f10dbbcdb7e65da11979c94e30175e7d9a56caf724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3244123426570389665/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:45:51 GMT
x-content-type-options: nosniff
age: 262880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352561
x-xss-protection: 0
last-modified: Mon, 08 May 2023 13:05:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 May 2024 02:45:51 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D8CF 5 KB
6 KB 445ms
144ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1218950&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6d8fe878e5869b2d7c32abb99d5dead770cc8854ba81e7a9e3779d644212ac85

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 03:47:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 0606 431 B
569 B 143ms
143ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7382d7796188b8c863b4a5ee8f7e2efe570e9cdecbd8a2d8f6a949cb9c31c3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 941104
expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 26C6 34 KB
10 KB 160ms
159ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jun 2023 02:29:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81684
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 04 Jun 2023 02:28:35 GMT

GET
H2 200 usync.html Show response
u.4dex.io/ Frame D2D1 822 B
1 KB 526ms
161ms Document
text/html 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 1fb7230ee1cb4c4a7c4ba1f7224f971d1141dd39672b690b509987c90c062dc0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 822
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 03:47:11 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D956 16 KB
6 KB 138ms
137ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29654
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 03:47:11 GMT
expires: Sat, 03 Jun 2023 12:01:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 6320 9 KB
4 KB 500ms
124ms Document
text/html 13.32.99.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-85.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 72050
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Fri, 02 Jun 2023 07:46:22 GMT
etag: W/"fd0102e5847015626666169917857ba8"
last-modified: Wed, 12 Apr 2023 16:16:50 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-cf-id: QIvEtGbCwmdlABLXb8_frPYo2uErtapg9SvCyNiKm3299PY2IJawoA==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5: 9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256: 8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame B953 37 KB
12 KB 165ms
165ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a107608e47fc591a2809a6230a1d16faaa8e2296a615e13fdbf7669dcdf9c9ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 12237
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 03:47:11 GMT
expires: Mon, 05 Jun 2023 03:47:11 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 19AC 281 B
554 B 137ms
136ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 03:47:11 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9A37 4 KB
2 KB 136ms
136ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1685764027994

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

0bd511b3a03180e5fdcbf4f6ffd9b1c6875a082ac9bd517f79fb70406fd71554

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1374
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8743 52 KB
17 KB 518ms
172ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1685763600000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 03 Jun 2023 03:47:11 GMT
ETag: "623de86a-cf34"
Expires: Sun, 04 Jun 2023 03:47:13 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MzAyNTcxNzc5MjM0NzQyMzY1OQ==&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDWCCTzkWYXSDCxm7O51SMM&gdpr=0&gdpr_consent=&google_cver=1

43 B
338 B

145ms
145ms

Image
image/gif

185.86.139.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDWCCTzkWYXSDCxm7O51SMM&gdpr=0&gdpr_consent=&google_cver=1
Protocol: H2
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 03 Jun 2023 03:47:13 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDWCCTzkWYXSDCxm7O51SMM&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=1429da15-ccc0-4ee3-b308-445f3f95edac&gdpr=0&gdpr_consent=

43 B
347 B

1390ms
155ms

Image
image/gif

185.86.139.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=1429da15-ccc0-4ee3-b308-445f3f95edac&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:10 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=1429da15-ccc0-4ee3-b308-445f3f95edac&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 986668
content-length: 0
expires: Sat, 03 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MzAyNTcxNzc5MjM0NzQyMzY1OQ==&gdpr=0&gdpr_consent=

170 B
188 B

144ms
143ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MzAyNTcxNzc5MjM0NzQyMzY1OQ==&gdpr=0&gdpr_consent=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MzAyNTcxNzc5MjM0NzQyMzY1OQ==&gdpr=0&gdpr_consent=
pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET

/
dmp.adform.net/serving/cookie/match/
Redirect Chain

https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzFsM3lsbFBZdThUbmk2RVNKM1p5YUhHdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDMxbDN5bGxQWXU4VG5pNkVT...
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZX...

0
0

GET
H2 200 p-EtBqU4Lj3YbAv.gif
cms.quantserve.com/pixel/ 35 B
372 B 524ms
158ms Image
image/gif 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 26C6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LIFGDKTP-25-DSTK
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LIFGDKTP-25-DSTK

61 B
459 B

189ms
187ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=rbcn&ovsid=LIFGDKTP-25-DSTK

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:12 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:12 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://contextual.media.net/cksync.php?type=rbcn&ovsid=LIFGDKTP-25-DSTK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 19AC 34 KB
10 KB 148ms
148ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jun 2023 02:29:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81684
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 04 Jun 2023 02:28:35 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 9A37
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=d5d1647a-b7c0-4d00-b7dc-8c445fc6620b&gdpr=1&gdpr_consent=

0
291 B

138ms
138ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=d5d1647a-b7c0-4d00-b7dc-8c445fc6620b&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sat, 03 Jun 2023 03:47:12 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x34 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=d5d1647a-b7c0-4d00-b7dc-8c445fc6620b&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Jun 2023 03:47:11 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9A37 0
239 B 1970ms
136ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 9A37
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9151607127440319276

0
291 B

186ms
163ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9151607127440319276

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sat, 03 Jun 2023 03:47:11 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f313f465-9942-4a53-95a1-8abc05d64941
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9151607127440319276
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 9A37 42 B
677 B 589ms
145ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=0VIBXsDlMz323UsxRYARZEjXT5E8_a5eTzZwstk5Jh8
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9A37
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiH9dxD6EyMnnx7l7ApjxEt3FeQFmAGOl_A

170 B
188 B

227ms
204ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiH9dxD6EyMnnx7l7ApjxEt3FeQFmAGOl_A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiH9dxD6EyMnnx7l7ApjxEt3FeQFmAGOl_A
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 9A37 0
75 B 2054ms
146ms Image
text/plain 185.86.138.152

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:12 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 9A37 0
0 1041ms
150ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9A37
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=dnKiWkreB1GcRTEBU2MHNKRs2QEVxvNVa-kE6LP2hfg

43 B
479 B

492ms
224ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=dnKiWkreB1GcRTEBU2MHNKRs2QEVxvNVa-kE6LP2hfg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 16YFY9E0E31VZVMSN6ST
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=dnKiWkreB1GcRTEBU2MHNKRs2QEVxvNVa-kE6LP2hfg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 9A37 0
42 B 1488ms
138ms Image
text/plain 198.47.127.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:12 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 9A37
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN88eBY_K73UeoonKUdFHW4&google_cver=1

0
291 B

174ms
165ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN88eBY_K73UeoonKUdFHW4&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN88eBY_K73UeoonKUdFHW4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET occ
ups.analytics.yahoo.com/ups/58488/ Frame 9A37 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 9A37
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

0
291 B

158ms
157ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H2 200 sync
x.bidswitch.net/ Frame 9A37 43 B
145 B 149ms
147ms Image
image/gif 52.57.182.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685764027994
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.182.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-182-76.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 sync Show response
gum.criteo.com/ Frame B953 88 B
343 B 145ms
143ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1d466a5af213f70080d85c1e4642ca34c2dd0e0cc7b87e6675ac50e2a74c5ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 613846
expires: 60

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AA39
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
554 B

165ms
159ms

Document
text/html

23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 03:47:11 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 03 Jun 2023 03:47:11 GMT
location: https://eus.rubiconproject.com/usync.html?p=medianet
server: AkamaiGHost

GET
H2

200

cksync.php
contextual.media.net/ Frame B953
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3287656304262554000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3287656304262554000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=6fbbdc0b-9914-4613-81a7-47320acdd0a0&cs=1

61 B
472 B

163ms
162ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=6fbbdc0b-9914-4613-81a7-47320acdd0a0&cs=1

Requested by

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:12 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:12 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=6fbbdc0b-9914-4613-81a7-47320acdd0a0&cs=1
Date: Sat, 03 Jun 2023 03:47:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync
cs.media.net/ Frame B953
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c

61 B
457 B

162ms
161ms

Image
image/gif

23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:11 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 199

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C995 16 KB
6 KB 143ms
142ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640315263287656304262554000V10%26ovsid%3DPM_UID
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29654
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 03:47:11 GMT
expires: Sat, 03 Jun 2023 12:01:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cksync.php
contextual.media.net/ Frame B953
Redirect Chain

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640315263287656304262554000V10&ovsid=[UID]
https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640315263287656304262554000V10&ovsid=0938de77-c641-4fdb-962f-c7ea949e7edc

61 B
472 B

161ms
160ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640315263287656304262554000V10&ovsid=0938de77-c641-4fdb-962f-c7ea949e7edc

Requested by

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:11 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:11 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-177
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=son&refUrl=&vid=57640315263287656304262554000V10&ovsid=0938de77-c641-4fdb-962f-c7ea949e7edc
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET rmp1r1
sync.1rx.io/usersync2/ Frame B953 0
0

GET
H2

200

cksync.php
contextual.media.net/ Frame B953
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3287656304262554000V10%26type%3Ddxu%26refUrl%3D%26vid%3D57640315263287656304262...
https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=dxu&refUrl=&vid=57640315263287656304262554000V10&ovsid=EcXQKwG31Q5ier5

61 B
458 B

187ms
184ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=dxu&refUrl=&vid=57640315263287656304262554000V10&ovsid=EcXQKwG31Q5ier5

Requested by

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 03:47:12 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:12 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://contextual.media.net/cksync.php?cs=8&vsid=3287656304262554000V10&type=dxu&refUrl=&vid=57640315263287656304262554000V10&ovsid=EcXQKwG31Q5ier5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
b1sync.zemanta.com/usersync/medianet/ Frame B953 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame ADA0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8194647a-b7c0-4700-9e25-ab932002dcd3&gdpr=0&gdpr_consent=

42 B
324 B

172ms
136ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8194647a-b7c0-4700-9e25-ab932002dcd3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 03 Jun 2023 03:47:12 GMT
Expires: Sat, 03 Jun 2023 03:47:11 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 851 9bd98ae master cdg-pixel-x28 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8194647a-b7c0-4700-9e25-ab932002dcd3&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7ACC
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525987312891

42 B
273 B

710ms
148ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525987312891
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Sat, 03 Jun 2023 03:47:11 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525987312891
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

603ms
135ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 03:47:10 GMT
expires: Sat, 03 Jun 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 663276
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET pubmatic
d5p.de17a.com/getuid/ Frame AF7C 0
0

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame 2FFB 0
0

GET
H2 200 p-5aWVS_roA1dVM.gif Show response
cms.quantserve.com/pixel/ Frame 5CF2 35 B
424 B 247ms
155ms Document
image/gif 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
content-type: image/gif
date: Sat, 03 Jun 2023 03:47:11 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 61B1
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9151607127440319276&gdpr=0&gdpr_consent=

42 B
446 B

415ms
134ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9151607127440319276&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 3430a8b0-468d-4f9b-9e84-d27782a91867
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Jun 2023 03:47:11 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9151607127440319276&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CA7E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7240301386218403990&gdpr=0&gdpr_consent=

42 B
298 B

134ms
134ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7240301386218403990&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Sat, 03 Jun 2023 03:47:12 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7240301386218403990&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET pm
match.prod.bidr.io/cookie-sync/ Frame 7582 0
0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame CDC6 0
0

GET sync
sync.srv.stackadapt.com/ Frame 7F25 0
0

GET bridge
cm.adgrx.com/ Frame 060E 0
0

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame C1A1 0
0

GET cookiesync
core.iprom.net/ Frame B675 0
0

GET cm
ipac.ctnsnet.com/int/ Frame 2676 0
0

GET /
csync.loopme.me/ Frame 547B 0
0

GET cm
green.erne.co/pubmatic/ Frame 5E53 0
0

GET i.match
a.tribalfusion.com/ Frame 0E88 0
0

GET
H2 200 cksync.php Show response
contextual.media.net/ Frame 5688 61 B
475 B 233ms
171ms Document
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.php?cs=9&vsid=3287656304262554000V10&type=pba&refUrl=&vid=57640306653287656304262554000V10&ovsid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 61
content-type: image/gif
date: Sat, 03 Jun 2023 03:47:11 GMT
expires: Sat, 03 Jun 2023 03:47:11 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
x-mnet-hl2: E

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D8CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aSnlLAndTbCNPbX3MDOgvA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

154ms
153ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:12 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=29653
accept-ranges: bytes
content-length: 5554
expires: Sat, 03 Jun 2023 12:01:25 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET qmap
sync.crwdcntrl.net/ Frame D8CF 0
0

GET cr
cr.frontend.weborama.fr/ Frame D8CF 0
0

GET

/
dmp.adform.net/serving/cookie/match/ Frame D8CF
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzFsSmc0U1loaHJUYXU5SVo2S240MURlUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D8CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjkyOUU1MkMtMDlERC00REIwLThEM0QtQjVGNzMwMzNBMEJD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

514ms
150ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D8CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPPLlleHwzcHnIlNIhvWhH8&google_cver=1

42 B
529 B

510ms
147ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPPLlleHwzcHnIlNIhvWhH8&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPPLlleHwzcHnIlNIhvWhH8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pubmatic
um.simpli.fi/ Frame D8CF 0
0

GET match
c1.adform.net/serving/cookie/ Frame D8CF 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D8CF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

42 B
278 B

407ms
135ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:11 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET sync
ups.analytics.yahoo.com/ups/58292/ Frame D8CF 0
0

GET
H2 200 6929E52C-09DD-4DB0-8D3D-B5F73033A0BC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D8CF 43 B
603 B 1717ms
160ms Image
image/gif 34.242.99.146

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/6929E52C-09DD-4DB0-8D3D-B5F73033A0BC?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.99.146 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET

sync
pool.admedo.com/ Frame D8CF
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec

0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame D8CF 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D8CF
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8050394066574565614&gdpr=0&gdpr_consent=&us_privacy=

1 B
195 B

224ms
136ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8050394066574565614&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 03:47:11 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8050394066574565614&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D8CF
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=6c31093b-415f-4c03-83bf-715972b83d01-647ab7c0-4745&gdpr=0&gdpr_consent=

42 B
264 B

147ms
146ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=6c31093b-415f-4c03-83bf-715972b83d01-647ab7c0-4745&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dpba%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=6c31093b-415f-4c03-83bf-715972b83d01-647ab7c0-4745&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame D8CF
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ce6ee35b-28b0-40c0-bbd6-89c8f1e85a8a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&uid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC

0
291 B

141ms
141ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&uid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC

Requested by

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&uid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC
date: Sat, 03 Jun 2023 03:47:13 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 108
content-type: text/html; charset=utf-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D7E 42 B
174 B 226ms
173ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSJmZX_wi6ECJbfRKdOrRBGVdgngOSB7NzaaeBMrQ1spm0jytGJlzbMAO7lkuLMtPzBO9MQsiqS-u9u3a4R1H_Y6eAqTqvATE&sig=Cg0ArKJSzPNslGQX1BJyEAE&id=lidar2&mcvt=1042&p=0,0,90,728&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20230531&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=1814326990&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685764028802&rpt=1778&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D7E 42 B
108 B 225ms
173ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSbRvToGB3BAO6tv0tXS0DTfh280umdstDbH4IX7qumyuQQ2Bp0cKKaAAyUny8-cTjZRR7EmAMdc9ePffDiLMDTdZUXoFqN-rAAGjzHzrQjolTd5P1&sig=Cg0ArKJSzMsI61kCtEYMEAE&id=lidar2&mcvt=1049&p=1105,436,1195,1164&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230531&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=840525636&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685764028802&rpt=1774&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BA9 42 B
108 B 217ms
173ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfkCDXZIaJFX9qwePz1kSlkEixuHA7BIwNASA1WJUtJcaSUOc1NenI6Er2B0tdIqRNUYuGBooVuqQvWXNDxMAKRKpeeP3J4Ko&sig=Cg0ArKJSzF8AYxQnL029EAE&id=lidar2&mcvt=1015&p=0,0,90,728&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230531&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2403728479&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685764028817&rpt=1803&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BA9 42 B
108 B 211ms
173ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszydFLz6l7lMdRh8F2tHVSaVZaq1ADP6WZ6WGD790LCytMJJbOwORtuAY2jZ5l0N6Jr8wzRi-rUPKTf8XcfwzoysyTZAr7ChJs7bABWmeEvF5uEHi_&sig=Cg0ArKJSzPmsy4bYfgRpEAE&id=lidar2&mcvt=1024&p=345,310,435,1038&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20230531&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3944560474&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685764028817&rpt=1800&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK lg
coplg-w.media.net/cc/ Frame D0AE 0
124 B 315ms
296ms Ping
text/plain 35.233.184.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://coplg-w.media.net/cc/lg
Requested by: Host: cdn-copclient-w.media.net
URL: https://cdn-copclient-w.media.net/cc/creativecop.js?https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.233.184.126 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.184.233.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 03:47:11 GMT
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2 200 log
c21lg-d.media.net/ Frame B953 35 B
164 B 311ms
287ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=6FuNsG8iBt4ixdMXH19q_k2OInZqGVcY&cs=15&vsid=3287656304262554000V10
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-88-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 03 Jun 2023 03:47:11 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 03 Jun 2023 03:47:11 GMT
content-length: 35
content-type: image/gif

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame E50F 4 KB
2 KB 1508ms
157ms Document
text/html 34.249.214.187

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.214.187 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 5c24a5ad3c2a3064d5575c221b0c84b321485b72dd669241c6c9523a13ebb5c7

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 03 Jun 2023 03:47:13 GMT
etag: W/"096d54d10ea8c3b533e983f793527c176"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1BF5 4 KB
2 KB 158ms
142ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

322ffddbb428f4ccb15062c8d4ff735e0b058618f1684c086770ff9453f2a0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1397
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET sync
ssbsync.smartadserver.com/api/ Frame 2B38 0
0

GET usermatch
ssum-sec.casalemedia.com/ Frame FB0C 0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 053A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

136ms
135ms

Document
text/html

23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 03:47:12 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 03 Jun 2023 03:47:12 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DCAD 16 KB
6 KB 149ms
137ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29654
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 03:47:11 GMT
expires: Sat, 03 Jun 2023 12:01:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 00CD 0
0

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 67B9 635 B
1 KB 1698ms
139ms Document
text/html 77.245.57.72

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: d30e2ba1e91b86317e66d641209200f039cb870cef4d8cee2f29cf0bfcaa572c

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 635
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Jun 2023 03:47:13 GMT
Pragma: no-cache
Server: nginx

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame D22F 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 6320
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=9151607127440319276

0
344 B

159ms
159ms

Image
image/avif

34.243.181.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=9151607127440319276
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.243.181.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-181-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:12 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Sat, 03 Jun 2023 03:47:11 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4e6e5fdc-fe90-4b29-b30a-07933398aa6d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.servenobid.com/sync?pid=312&uid=9151607127440319276
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 6320
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=GwIDvRZHbbCb_prYT-2rymQm

0
350 B

163ms
163ms

Image
image/avif

34.243.181.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=GwIDvRZHbbCb_prYT-2rymQm
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.243.181.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-181-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:13 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:13 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=GwIDvRZHbbCb_prYT-2rymQm
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET pixel
ap.lijit.com/ Frame 6320 0
0

GET rmpssp
sync.1rx.io/usersync2/ Frame 6320 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 6320
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5133329525987312891

0
344 B

161ms
161ms

Image
image/avif

34.243.181.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5133329525987312891
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.243.181.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-181-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:12 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5133329525987312891
Date: Sat, 03 Jun 2023 03:47:11 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame 6320
Redirect Chain

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
https://ads.servenobid.com/sync?pid=332&uid=0938de77-c641-4fdb-962f-c7ea949e7edc

0
356 B

158ms
158ms

Image
image/avif

34.243.181.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=332&uid=0938de77-c641-4fdb-962f-c7ea949e7edc
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.243.181.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-181-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:12 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:12 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-177
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ads.servenobid.com/sync?pid=332&uid=0938de77-c641-4fdb-962f-c7ea949e7edc
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET 0
prebid.a-mo.net/cchain/ Frame 6320 0
0

GET occ
ups.analytics.yahoo.com/ups/58559/ Frame 6320 0
0

GET redirectuser
ssp.disqus.com/ Frame 6320 0
0

GET occ
ups.analytics.yahoo.com/ups/58632/ Frame 6320 0
0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 6320 0
356 B 664ms
137ms Image
text/plain 35.157.25.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.25.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:12 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 6320
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=3287656304262554000V10

0
346 B

159ms
157ms

Image
image/avif

34.243.181.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=3287656304262554000V10
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.243.181.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-181-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:12 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 03 Jun 2023 03:47:12 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ads.servenobid.com/sync?pid=353&uid=3287656304262554000V10
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 03:47:12 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AA39 34 KB
10 KB 159ms
159ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jun 2023 02:29:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81684
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 04 Jun 2023 02:28:35 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BA9 0
20 B 170ms
170ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6375679841815&version=m202301230201&ct=2&x=8&cor=1974257255291366700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D7E 0
20 B 171ms
170ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4011590377704&version=m202301230201&ct=2&x=8&cor=642482739479847400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8743 0
861 B 145ms
144ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:12 GMT
AN-X-Request-Uuid: e5d69a57-639a-4125-9077-de47303c7204
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FBE6 16 KB
6 KB 134ms
134ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by: Host: u.4dex.io
URL: https://u.4dex.io/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://u.4dex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29653
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 03:47:12 GMT
expires: Sat, 03 Jun 2023 12:01:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BF5
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiH9dxqCLLuOVAAJshCQzOVU634j0PSSwjg

170 B
188 B

147ms
146ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiH9dxqCLLuOVAAJshCQzOVU634j0PSSwjg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiH9dxqCLLuOVAAJshCQzOVU634j0PSSwjg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 1BF5 0
0 437ms
150ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
onetag-sys.com/match/ Frame 1BF5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=0&gdpr_consent=

0
291 B

135ms
135ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sat, 03 Jun 2023 03:47:12 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x31 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Jun 2023 03:47:11 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 1BF5
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LIFGDKTP-25-DSTK&gdpr=0

0
291 B

137ms
137ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LIFGDKTP-25-DSTK&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LIFGDKTP-25-DSTK&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 1BF5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9151607127440319276

0
291 B

137ms
134ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9151607127440319276

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sat, 03 Jun 2023 03:47:12 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b34446a5-b344-49f3-b65c-2a0fe67652a9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9151607127440319276
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 1BF5 42 B
677 B 138ms
134ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=dnKiWkreB1GcRTEBU2MHNKRs2QEVxvNVa-kE6LP2hfg
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 1BF5
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=3025717792347423659

0
291 B

135ms
135ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=3025717792347423659

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=3025717792347423659
date: Sat, 03 Jun 2023 03:47:12 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1BF5
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=c98XbXPyw0Uh7HhxsmKr3A3zevZ-JlCmvYSlZ822J9E

43 B
720 B

406ms
225ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=c98XbXPyw0Uh7HhxsmKr3A3zevZ-JlCmvYSlZ822J9E

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EM8AE3Y58CN26CBT0QQB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=c98XbXPyw0Uh7HhxsmKr3A3zevZ-JlCmvYSlZ822J9E
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1BF5
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9151607127440319276

42 B
95 B

141ms
141ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9151607127440319276
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 03:47:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 03 Jun 2023 03:47:13 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0bf6e5fd-9681-4284-9283-60febfda0059
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9151607127440319276
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 1BF5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN88eBY_K73UeoonKUdFHW4&google_cver=1

0
291 B

136ms
135ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN88eBY_K73UeoonKUdFHW4&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN88eBY_K73UeoonKUdFHW4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET occ
ups.analytics.yahoo.com/ups/58488/ Frame 1BF5 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 1BF5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

0
291 B

136ms
135ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H2

200

/
onetag-sys.com/match/ Frame 1BF5
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=55851cb9-2b78-41de-82c5-3741697a0521&ssp=onetag&gdpr=0
https://onetag-sys.com/match/?int_id=30&uid=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=0&gdpr_consent=&us_privacy=

0
291 B

135ms
135ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec&gdpr=0&gdpr_consent=&us_privacy=
date: Sat, 03 Jun 2023 03:47:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 1BF5 0
365 B 161ms
158ms Image
image/avif 34.243.181.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=318&uid=dnKiWkreB1GcRTEBU2MHNKRs2QEVxvNVa-kE6LP2hfg
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.181.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-181-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:12 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B434 42 B
64 B 170ms
168ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuh8AxG0qsNcDUwHOHHkD-_OR0ZKkL8KToQzYoC-G01gP2cABRku2fs8_dzF8tkwVEZxji0urXs1mO0AujM5bZ_oINVwctqxLI&sig=Cg0ArKJSzPn9Iriv-jWlEAE&id=lidar2&mcvt=1011&p=0,0,600,300&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230531&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=1953862145&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685764029702&rpt=1377&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 053A 34 KB
10 KB 147ms
147ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jun 2023 02:29:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81683
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 04 Jun 2023 02:28:35 GMT

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 053A 0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 24CB
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

281 B
554 B

135ms
134ms

Document
text/html

23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by: Host: u.4dex.io
URL: https://u.4dex.io/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://u.4dex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 03:47:13 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 03 Jun 2023 03:47:13 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8743 0
861 B 136ms
136ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 03:47:13 GMT
AN-X-Request-Uuid: 9d9ff685-8eb2-4560-85c9-19bdef1c8c83
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

usersync
usersync.gumgum.com/ Frame E50F
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=9151607127440319276

0
0

GET

match
ads.betweendigital.com/ Frame E50F
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5991c293-fdb1-47f7-8b2e-7b2ed0bc47d0&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26u...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26u...

0
0

GET sync
sync.srv.stackadapt.com/ Frame E50F 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame E50F 0
0

GET rtset
bh.contextweb.com/bh/ Frame E50F 0
0

GET redirectObuid
sync.outbrain.com/ Frame E50F 0
0

GET

usersync
usersync.gumgum.com/ Frame E50F
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=6e69714f-4e78-0d23-0d18-b84502769743

0
0

GET

usersync
usersync.gumgum.com/ Frame E50F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-LHJdPshE2pdMAQxlCKGya2GPQxuPZeiN6A9y~A

0
0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame E50F 0
0

GET services
sync.technoratimedia.com/ Frame E50F 0
0

GET 142
match.deepintent.com/usersync/ Frame E50F 0
0

GET

usersync
usersync.gumgum.com/ Frame E50F
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=7772982b-b393-4343-9871-06b288e8b54c

0
0

GET sync
ssbsync.smartadserver.com/api/ Frame E50F 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame E50F 0
358 B 166ms
158ms Image
image/avif 34.243.181.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_5991c293-fdb1-47f7-8b2e-7b2ed0bc47d0
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.181.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-181-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:13 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET user-sync
sync.adkernel.com/ Frame DBC5 0
0

GET e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame B38E 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C7E2 16 KB
6 KB 139ms
134ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29652
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 03:47:13 GMT
expires: Sat, 03 Jun 2023 12:01:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET

usersync
usersync.gumgum.com/ Frame 858D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=e3707cb1-3f6a-4e6f-9166-acd9967ce73c

0
0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 7239
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=0&gdpr_consent=

35 B
250 B

525ms
163ms

Document
image/gif

34.247.233.198

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sat, 03 Jun 2023 03:47:14 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 03 Jun 2023 03:47:13 GMT
Expires: Sat, 03 Jun 2023 03:47:12 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 851 9bd98ae master cdg-pixel-x35 config_version:"unknown"
location: https://usersync.gumgum.com/usersync?b=mmh&i=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=0&gdpr_consent=

GET URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 1990 0
0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame F0FF 170 B
188 B 148ms
143ms Document
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTkxYzI5My1mZGIxLTQ3ZjctOGIyZS03YjJlZDBiYzQ3ZDA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 03:47:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET idsync
tg.socdm.com/aux/ Frame 98B3 0
0

GET gumgum
cs.admanmedia.com/sync/ Frame A5DE 0
0

GET usermatchredir
ssum-sec.casalemedia.com/ Frame EE2E 0
0

GET cm-notify
creativecdn.com/ Frame 6CD2 0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9025
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

149ms
148ms

Document
text/html

23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 03:47:13 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 03 Jun 2023 03:47:13 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 24CB 34 KB
10 KB 149ms
149ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:13 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jun 2023 02:29:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81682
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 04 Jun 2023 02:28:35 GMT

GET SPug
simage4.pubmatic.com/AdServer/ Frame D8CF 0
0

GET

user-sync
sync.adkernel.com/ Frame 67B9
Redirect Chain

https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1YN-
https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=9151607127440319276&us_privacy=1YN-

0
0

GET
H2

200

setuid
u.4dex.io/ Frame 24CB
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LIFGDKTP-25-DSTK
https://u.4dex.io/setuid?bidder=rubicon&uid=LIFGDKTP-25-DSTK

0
570 B

147ms
147ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=rubicon&uid=LIFGDKTP-25-DSTK
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol: H2
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:13 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://u.4dex.io/setuid?bidder=rubicon&uid=LIFGDKTP-25-DSTK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 99EE 3 KB
2 KB 138ms
137ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Requested by

Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

8f1fe2c1d9514f38766cb7120bdedeaa9edf9fe96ddb5bf6e1ab9f14cabdb43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.adkernel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1267
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9025 34 KB
10 KB 161ms
160ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 03:47:13 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jun 2023 02:29:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81682
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 04 Jun 2023 02:28:35 GMT

GET occ
ups.analytics.yahoo.com/ups/58488/ Frame 99EE 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 99EE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=1&gdpr_consent=

0
291 B

142ms
142ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sat, 03 Jun 2023 03:47:13 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x9 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=7ecc647a-b7c0-4900-805a-c63e83b5dacd&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Jun 2023 03:47:12 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 99EE 0
239 B 142ms
140ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 99EE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9151607127440319276

0
291 B

144ms
144ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9151607127440319276

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sat, 03 Jun 2023 03:47:13 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 74c76521-fda2-4da7-b2b6-5622dce9cea0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9151607127440319276
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 99EE 42 B
677 B 136ms
133ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=c98XbXPyw0Uh7HhxsmKr3A3zevZ-JlCmvYSlZ822J9E
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 99EE 0
75 B 163ms
160ms Image
text/plain 185.86.138.152

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:13 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 99EE 0
0 163ms
160ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 99EE 0
39 B 162ms
159ms Image
text/plain 198.47.127.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:13 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 99EE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

0
291 B

142ms
141ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=e3707cb1-3f6a-4e6f-9166-acd9967ce73c&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H2 200 sync
x.bidswitch.net/ Frame 99EE 43 B
145 B 161ms
158ms Image
image/gif 52.57.182.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.182.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-182-76.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:47:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET user-sync
sync.adkernel.com/ Frame 99EE 0
0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 153ms
151ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je35v0&_p=281023327&cid=950220863.1685764027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&ngs=1&sid=1685764026&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fainw78r4&dt=10%20Top%20Mobile%20Apps%20For%20Small%20American%20Fridge%20Freezers%20-%20Pastelink.net&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:47:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

usersync
usersync.gumgum.com/ Frame 9025
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIFGDKTP-25-DSTK
https://usersync.gumgum.com/usersync?b=mag&i=LIFGDKTP-25-DSTK

0
0

GET occ
ups.analytics.yahoo.com/ups/58675/ Frame D2D1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dr1%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3D%5BRX_UUID%5D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3287656304262554000V10%26type%3Dzem%26refUrl%3D%26vid%3D57640306653287656304262554000V10%26ovsid%3D__ZUID__

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=36584

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=25470

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2249&pt=n

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Domain: dmp.adform.net
URL: https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDMxbDN5bGxQWXU4VG5pNkVTSjNaeWFIR3ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent=

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3287656304262554000V10%26type%3Dr1%26refUrl%3D%26vid%3D57640315263287656304262554000V10%26ovsid%3D%5BRX_UUID%5D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3287656304262554000V10%26type%3Dzem%26refUrl%3D%26vid%3D57640315263287656304262554000V10%26ovsid%3D__ZUID__

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC&redir=true&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: ipac.ctnsnet.com
URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Domain: green.erne.co
URL: https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC&gdpr=0&gdpr_consent=

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=

Domain: dmp.adform.net
URL: https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC&redir=true&gdpr=0&gdpr_consent=

Domain: pool.admedo.com
URL: https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2bc77ec1-1b8a-492a-a8e9-13ff962d1fec

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6929E52C-09DD-4DB0-8D3D-B5F73033A0BC&gdpr=0&gdpr_consent=

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Domain: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58559/occ

Domain: ssp.disqus.com
URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58632/occ

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=

Domain: pixel-us-east.rubiconproject.com
URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LIFGDKTP-25-DSTK

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=apn&i=9151607127440319276

Domain: ads.betweendigital.com
URL: https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5991c293-fdb1-47f7-8b2e-7b2ed0bc47d0&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=opx&i=6e69714f-4e78-0d23-0d18-b84502769743

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=oth&i=y-LHJdPshE2pdMAQxlCKGya2GPQxuPZeiN6A9y~A

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=idi&i=7772982b-b393-4343-9871-06b288e8b54c

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=

Domain: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: cs.iqzone.com
URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_5991c293-fdb1-47f7-8b2e-7b2ed0bc47d0&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=ttd&i=e3707cb1-3f6a-4e6f-9166-acd9967ce73c

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/gumgum?puid=e_5991c293-fdb1-47f7-8b2e-7b2ed0bc47d0&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D

Domain: creativecdn.com
URL: https://creativecdn.com/cm-notify?pi=gumgum

Domain: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=

Domain: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=9151607127440319276&us_privacy=1YN-

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Domain: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=175005&r=c98XbXPyw0Uh7HhxsmKr3A3zevZ-JlCmvYSlZ822J9E

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=mag&i=LIFGDKTP-25-DSTK

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

91 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastelink.net/	1970-01-20 13:06:04	Name: PHPSESSID Value: ee0u6lk58a216a2a1cp8jrs2s7
.pastelink.net/	1970-01-20 14:25:40	Name: _gcl_au Value: 1.1.108354501.1685764026
.pastelink.net/	1970-01-20 21:52:04	Name: _ga Value: GA1.2.950220863.1685764027
.pastelink.net/	1970-01-20 12:17:30	Name: _gid Value: GA1.2.141431920.1685764027
.pastelink.net/	1970-01-20 12:16:04	Name: _gat_UA-55088947-2 Value: 1
.omnitagjs.com/	1970-01-20 12:59:16	Name: ayl_visitor Value: a879d6cc411eaf72cb2e9977433af7fa
.smartadserver.com/	1970-01-20 21:03:06	Name: pbw Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 587752=5479427
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 21:03:06	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 12:17:30	Name: sasd Value: %24qc%3D1314590126%3B%24ql%3DUnknown%3B%24qt%3D107_0_0t%3B%24dma%3D0
.smartadserver.com/	1970-01-20 21:03:06	Name: pid Value: 3025717792347423659
.smartadserver.com/	1970-01-20 12:17:30	Name: sasd2 Value: q=%24qc%3D1314590126%3B%24ql%3DUnknown%3B%24qt%3D107_0_0t%3B%24dma%3D0&c=1&l=1224194952&lo=1424563188&lt=638213608280366554&o=1
.adnxs.com/	1970-01-20 14:25:40	Name: icu Value: ChgIvahBEAoYASABKAEwvO_qowY4AUABSAEQvO_qowYYAA..
.adnxs.com/	1970-01-20 14:25:40	Name: uuid2 Value: 9151607127440319276
.rubiconproject.com/	1970-01-20 21:01:40	Name: khaos Value: LIFGDKTP-25-DSTK
.pastelink.net/	1970-01-20 21:37:40	Name: __gads Value: ID=91592cc233a78658:T=1685764028:RT=1685764028:S=ALNI_MaMKMAVa0slu_YOUX1-RkLxak2Mxg
.pastelink.net/	1970-01-20 21:37:40	Name: __gpi Value: UID=00000c2b81ad0a74:T=1685764028:RT=1685764028:S=ALNI_MZP-KBZ2ptFe9Kuq1Q1t0FmjDPykg
.pastelink.net/	1970-01-20 21:52:04	Name: _ga_S3DKHVPF03 Value: GS1.1.1685764026.1.0.1685764028.0.0.0
.doubleclick.net/	1970-01-20 21:52:04	Name: IDE Value: AHWqTUkc6yJORSjP3pvlDPyLldK6GajzNwA6wUwddx9wvXuF3VVOFXAKBigvrd5J
.bidswitch.net/	1970-01-20 21:01:40	Name: c Value: 1685764029
.bidswitch.net/	1970-01-20 21:01:40	Name: tuuid_lu Value: 1685764029
.bidswitch.net/	1970-01-20 21:01:40	Name: tuuid Value: 2bc77ec1-1b8a-492a-a8e9-13ff962d1fec
.lkqd.net/	1970-01-20 21:01:40	Name: lkqdidts Value: 1685764030
.lkqd.net/	1970-01-20 21:01:40	Name: sr59 Value: 1\|CAESELUgkN9w6lvBA8t-0CoQ6t0\|1685764030
.lkqd.net/	1970-01-20 21:01:40	Name: lkqdid Value: Q5Zv1te3otg
.casalemedia.com/	1970-01-20 14:25:40	Name: CMPS Value: 5195
.casalemedia.com/	1970-01-20 21:01:40	Name: CMID Value: ZHq3vReiBL7WDHSRuH4RYwAA
.casalemedia.com/	1970-01-20 14:25:40	Name: CMPRO Value: 5195
.media.net/	1970-01-20 21:01:40	Name: visitor-id Value: 3287656304262554000V10
.media.net/	1970-01-20 21:00:13	Name: data-bs Value: 2bc77ec1-1b8a-492a-a8e9-13ff962d1fec~~1
.media.net/	1970-01-20 12:36:13	Name: data-g Value: CAESEC9v7xdlIRJEF3dyI0xmWEk~~9
.criteo.com/	1970-01-20 21:37:40	Name: uid Value: 1429da15-ccc0-4ee3-b308-445f3f95edac
.openx.net/	1970-01-20 21:01:40	Name: i Value: 4af8ea66-cfea-0a82-30b5-6040ae01a5f8\|1685764031
.ads.pubmatic.com/	1970-01-20 12:17:30	Name: KCCH Value: YES
.adsrvr.org/	1970-01-20 21:03:06	Name: TDID Value: e3707cb1-3f6a-4e6f-9166-acd9967ce73c
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MrW0MDc2NLKwNBTiM9TNDPLM100LigrIDIsHAJN1AjAlAAAA
.rfihub.com/	1970-01-20 21:37:40	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MrW0MDc2NLKwNBTiM9TNDPLM100LigrIDIsHAJN1AjAlAAAA
.media.net/	1970-01-20 12:59:16	Name: data-c Value: 1429da15-ccc0-4ee3-b308-445f3f95edac~~1
.media.net/	1970-01-20 12:59:16	Name: data-c-ts Value: 1685764031
.pastelink.net/	1970-01-20 21:37:40	Name: cto_bundle Value: 20c45V9qYkNoZ05adEE4T0NNZUFCTURseld0aEEwOU13QXlZcEk4WTBpT09wOHFWSjh6ZmE2a2w2aDA4YSUyQjRsTzhlUUx2TkVHS2o0a3lyTkc2WW5VNHliMUdKaTl0RlBnUUJnZ0xGQ1BQYUslMkZEVHQxJTJCZTJwWlI5WlFQYU1jNjVLZ2Z2UHFUYVRmQlU3RXhGJTJGV0xDR1d0M2s0ZyUzRCUzRA
.media.net/	1970-01-20 21:00:13	Name: data-rk Value: 5133329525987312891~~9
.media.net/	1970-01-20 21:00:13	Name: data-o Value: 5178bca0-cd6d-0f95-092c-d6c678c904d9~~9
.w55c.net/	1970-01-20 21:46:18	Name: wfivefivec Value: EcXQKwG31Q5ier5
.media.net/	1970-01-20 12:36:13	Name: data-ttd Value: e3707cb1-3f6a-4e6f-9166-acd9967ce73c~~1
.pubmatic.com/	1970-01-20 21:01:40	Name: KADUSERCOOKIE Value: 6929E52C-09DD-4DB0-8D3D-B5F73033A0BC
.pubmatic.com/	1970-01-20 14:25:40	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 12:17:30	Name: pi Value: 159463:2
.pubmatic.com/	1970-01-20 14:25:40	Name: DPSync3 Value: 1686960000%3A241_235_201_245
.pubmatic.com/	1970-01-20 14:25:40	Name: SyncRTB3 Value: 1686960000%3A71_55_234_13_46_8_3_166_233_165_7_161_81_88_251_238_214_254_176_220_21_56_54_22%7C1686355200%3A223_15_2%7C1688342400%3A203%7C1686614400%3A63%7C1687046400%3A35
.w55c.net/	1970-01-20 12:59:16	Name: matchmedianet Value: 5
.go.sonobi.com/	1970-01-20 12:59:16	Name: __uis Value: 0938de77-c641-4fdb-962f-c7ea949e7edc
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s87157\|ZHq3w
.4dex.io/	1970-01-20 13:42:28	Name: uids Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wNi0wM1QwMzo0NzoxMS43MzQzMTc2MTNaIiwicHVibWF0aWMiOiIyMDIzLTA2LTAzVDAzOjQ3OjExLjczNDMwNDMyWiIsInJ1Ymljb24iOiIyMDIzLTA2LTAzVDAzOjQ3OjExLjczNDMxMDk5M1oiLCJ5YWhvbyI6IjIwMjMtMDYtMDNUMDM6NDc6MTEuNzM0MzE0NTIzWiJ9LCJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiJhNjU3YzExMS1hNDFlLTQyYjktODcwMS1kODRkOGQyZTIzODgiLCJleHBpcmVzIjoiMjAyMy0wOC0wMlQwMzo0NzowNy45MzgyMDIxNzhaIn19LCJiZGF5IjoiMjAyMy0wNi0wM1QwMzo0NzowNy45Mzc5OTc2MjVaIn0=
.quantserve.com/	1970-01-20 21:46:18	Name: mc Value: 647ab7bf-b7cee-a78c1-d5d97
.media.net/	1970-01-20 21:01:40	Name: data-pba Value: 6929E52C-09DD-4DB0-8D3D-B5F73033A0BC~~9
.media.net/	1970-01-20 12:56:23	Name: data-so Value: 0938de77-c641-4fdb-962f-c7ea949e7edc~~8
.onetag-sys.com/	1970-01-20 21:52:04	Name: OTP Value: c98XbXPyw0Uh7HhxsmKr3A3zevZ-JlCmvYSlZ822J9E
.rfihub.com/	1970-01-20 21:37:40	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFqbmZiYGxoZmpxShyJb2lpAQDd5JIIIAAAAA
.turn.com/	1970-01-20 16:35:16	Name: uid Value: 8050394066574565614
.media.net/	1970-01-20 21:00:13	Name: data-xu Value: EcXQKwG31Q5ier5~~8
.media.net/	1970-01-20 16:35:16	Name: data-r Value: LIFGDKTP-25-DSTK~~1
.servenobid.com/	1970-01-20 12:26:08	Name: pid_312 Value: 9151607127440319276
.servenobid.com/	1970-01-20 12:26:08	Name: pid_324 Value: 5133329525987312891
.mfadsrvr.com/	1970-01-20 21:52:04	Name: c Value: 1685764032
.mfadsrvr.com/	1970-01-20 21:52:04	Name: tuuid_lu Value: 1685764032
.servenobid.com/	1970-01-20 12:26:08	Name: pid_318 Value: dnKiWkreB1GcRTEBU2MHNKRs2QEVxvNVa-kE6LP2hfg
.adsrvr.org/	1970-01-20 21:03:06	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiQ--7t5_vxOxAFGAEgASgCMgsIxrDenv778TsQBTgBWgd2dzZpeXJuYAI.
.servenobid.com/	1970-01-20 12:26:08	Name: pid_332 Value: 0938de77-c641-4fdb-962f-c7ea949e7edc
.adfarm1.adition.com/	1970-01-20 14:25:40	Name: UserID1 Value: 7240301386218403990
.pubmatic.com/	1970-01-20 14:25:40	Name: KRTBCOOKIE_57 Value: 22776-9151607127440319276&KRTB&23339-9151607127440319276
.pubmatic.com/	1970-01-20 14:25:40	Name: KRTBCOOKIE_377 Value: 6810-e3707cb1-3f6a-4e6f-9166-acd9967ce73c&KRTB&22918-e3707cb1-3f6a-4e6f-9166-acd9967ce73c&KRTB&23031-e3707cb1-3f6a-4e6f-9166-acd9967ce73c
.pubmatic.com/	1970-01-20 12:59:16	Name: KRTBCOOKIE_22 Value: 14911-8050394066574565614&KRTB&23150-8050394066574565614
.pubmatic.com/	1970-01-20 14:25:40	Name: KRTBCOOKIE_27 Value: 16735-uid:8194647a-b7c0-4700-9e25-ab932002dcd3&KRTB&16736-uid:8194647a-b7c0-4700-9e25-ab932002dcd3&KRTB&23019-uid:8194647a-b7c0-4700-9e25-ab932002dcd3&KRTB&23114-uid:8194647a-b7c0-4700-9e25-ab932002dcd3
.media.net/	1970-01-20 21:01:40	Name: data-pbs Value: setstatuscode~~1
.amazon-adsystem.com/	1970-01-20 17:21:20	Name: ad-id Value: A1bVgjVpOkrVl0qmX7NgzbI
.amazon-adsystem.com/	1970-01-20 21:52:04	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 14:25:40	Name: KRTBCOOKIE_80 Value: 16514-CAESEPPLlleHwzcHnIlNIhvWhH8&KRTB&22987-CAESEPPLlleHwzcHnIlNIhvWhH8&KRTB&23025-CAESEPPLlleHwzcHnIlNIhvWhH8&KRTB&23386-CAESEPPLlleHwzcHnIlNIhvWhH8
.pubmatic.com/	1970-01-20 14:25:40	Name: KRTBCOOKIE_18 Value: 22947-5133329525987312891
.mathtag.com/	1970-01-20 21:41:59	Name: uuid Value: 7ecc647a-b7c0-4900-805a-c63e83b5dacd
.pubmatic.com/	1970-01-20 12:59:16	Name: KRTBCOOKIE_1101 Value: 23040-7240301386218403990&KRTB&23369-7240301386218403990
.pubmatic.com/	1970-01-20 12:59:16	Name: PugT Value: 1685764030
.audrte.com/	1970-01-20 12:37:40	Name: arcki2 Value: 31lJg4SYhhrTau9IZ6Kn41DeQ!20220908!1685764032378!ip#91.239.206.129
.audrte.com/	1970-01-20 12:37:40	Name: arcki2_pubmatic Value: 6929E52C-09DD-4DB0-8D3D-B5F73033A0BC!20220908!1685764032382
.rubiconproject.com/	1970-01-20 21:01:40	Name: audit Value: 1\|hLZGFuTafB0xi7mwPstLiO1ArEyWu9IOMRqpHMYqMqR7i8zUBlgIVICywZhaqLKPDcJZWBbPH93MboWaW1ii7VcR1aWtdTEq
.servenobid.com/	1970-01-20 12:26:08	Name: pid_353 Value: 3287656304262554000V10
.audrte.com/	1970-01-20 12:37:40	Name: arcki2_ddp2 Value: 31l3yllPYu8Tni6ESJ3ZyaHGw!20220908!1685764032616
.sitescout.com/	1970-01-20 21:01:40	Name: ssi Value: 6c31093b-415f-4c03-83bf-715972b83d01#1685764032693
.mfadsrvr.com/	1970-01-20 21:52:04	Name: tuuid Value: 55851cb9-2b78-41de-82c5-3741697a0521
.mfadsrvr.com/	1970-01-20 21:52:04	Name: ssh Value: !bidswitch,1685764032
.media.net/	1970-01-20 21:01:40	Name: data-mf Value: 26e3c68c-4921-46fd-851f-7715b86baa3c~~1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50 Message: Mixed Content: The page at 'https://onetag-sys.com/usync/?pubId=5adb88524e24e50' was loaded over HTTPS, but requested an insecure element 'http://sync.adkernel.com/user-sync?zone=175005&r=c98XbXPyw0Uh7HhxsmKr3A3zevZ-JlCmvYSlZ822J9E'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.ge
adx.g.doubleclick.net
ap.lijit.com
api.btloader.com
aws-fr-sync.bidswitch.net
b1sync.zemanta.com
beacon-fra2.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
btloader.com
c1.adform.net
c21lg-d.media.net
cdn-copclient-w.media.net
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
coplg-w.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.iqzone.com
cs.lkqd.net
cs.media.net
csync.loopme.me
d5p.de17a.com
d76d6cdd8769bd7fcf9cb73f68deb2c2.safeframe.googlesyndication.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
ghent-aws-fr.bidswitch.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pubmatic-match.dotomi.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
srv.buysellads.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.4dex.io
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
warp.media.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ads.betweendigital.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
c1.adform.net
cm-supply-web.gammaplatform.com
cm.adgrx.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.iqzone.com
csync.loopme.me
d5p.de17a.com
dmp.adform.net
green.erne.co
ipac.ctnsnet.com
match.deepintent.com
match.prod.bidr.io
pixel-us-east.rubiconproject.com
pool.admedo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
um.simpli.fi
ups.analytics.yahoo.com
usersync.gumgum.com
104.131.3.131
104.17.25.14
104.18.2.114
104.26.2.70
104.26.7.139
104.26.9.169
13.32.99.85
130.211.23.194
142.250.184.227
142.250.185.174
142.250.185.194
142.250.185.225
142.250.185.98
142.250.186.104
142.250.186.130
142.250.186.132
142.250.186.166
142.250.186.34
142.250.186.42
142.250.186.65
142.250.186.66
142.250.186.70
142.250.74.195
146.20.128.172
15.197.193.217
151.139.128.10
164.92.213.94
172.217.18.2
172.217.23.98
178.250.1.8
178.250.7.11
178.250.7.13
178.250.7.2
185.255.84.150
185.29.134.244
185.64.189.110
185.64.189.112
185.64.190.78
185.80.39.216
185.86.138.152
185.86.139.94
193.0.160.130
198.47.127.18
216.52.2.39
216.58.212.130
23.201.255.110
23.212.211.47
23.212.88.20
23.216.244.55
23.216.77.21
23.35.228.23
23.35.236.188
23.35.236.201
3.120.3.26
3.125.92.181
3.126.192.167
34.102.253.54
34.120.63.153
34.149.40.38
34.242.99.146
34.243.181.201
34.247.233.198
34.249.214.187
35.157.25.132
35.233.184.126
35.244.159.8
35.244.174.68
37.252.171.149
46.228.164.11
51.38.120.206
52.46.143.56
52.57.182.76
69.166.1.12
69.173.144.139
69.173.144.140
69.173.144.152
77.245.57.72
81.17.55.161
85.114.159.93
88.208.215.108
91.228.74.168
95.101.148.20
98.98.134.241
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546
0979842b768e8f240395935c0e9759ae77ba6aa9848e72b13934e53e59dbf7ec
0b6ec55549de7de68f78072abb5e89be3c66db048b22bc23b21c43aa8ba6fd9c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd511b3a03180e5fdcbf4f6ffd9b1c6875a082ac9bd517f79fb70406fd71554
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
1209e8df955092339aeba999cf8c3a80ba1903dee546f632bac2542e3a198fe1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
151019919e1c3ef6d9d171f10dbbcdb7e65da11979c94e30175e7d9a56caf724
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
19d7bb29f100cf81601e827d2c47694eb4374461c541231a39567f000acc3781
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d466a5af213f70080d85c1e4642ca34c2dd0e0cc7b87e6675ac50e2a74c5ae4
1fb7230ee1cb4c4a7c4ba1f7224f971d1141dd39672b690b509987c90c062dc0
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
28b20a6696a36e540bdbc0a6f989b7e93ab0c66d30cbe0af32d1d3d762adb2c6
2bc347dae3fdb67856a706683724d7f6631b3c59cda8e35665f85c9bb5ebf3ea
30f596abdb835aaf9cb8c1a7edfb0ce81faaa6f2a159a9963335953d9a9799c9
322ffddbb428f4ccb15062c8d4ff735e0b058618f1684c086770ff9453f2a0df
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3573e1d8bb1f663a088437f90cc48936601f7ecb9524a1ce0f700f7ae45e5f4e
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
3b9bb0348aa0f3bad9097a27f7f09161a999cff9fdda200184a16650fea7ac46
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e9c4be475b39f87c974ec496eda84ebdc28d903bfe6e398860e953d61b7d653
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
45b5465229b3d2f0348a4cfcd69e52df10b6059122d41cff6f9854a30bf111cf
4688d4845f5c192052cce7d47bec364735c7b408b841d72096e02bc46c879100
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ed2c6d3ef6649f999073af402435bcd95124782769fc15e281fbb9363c9441
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bd2622fe309bd6559c1ef6ef8b23af2732d7bed7b9a719d7888ebdf3e992f8
55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
593b722e4095ebaa09ec7b8db338e9c117d138004cf566c73b72732a3868391a
5c24a5ad3c2a3064d5575c221b0c84b321485b72dd669241c6c9523a13ebb5c7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6420465ffff2c0b8e84f01b8698179fea1ec3dbe6b96eeba4dd5a1e00c17b28f
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
683b147c774e235519c6d398fb8a26f766755df6c82761780c96dd1e11f2cd9a
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f
69cb4bfebd43911228905122f2bfef5151d517fe9927836bb2315574a19498be
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3a9821ec1a4a4030cbbcb0096ede6904ef26cd2d797fa218e700583bf05d31
6d8fe878e5869b2d7c32abb99d5dead770cc8854ba81e7a9e3779d644212ac85
6e89f6ccc603e7c485791be3224ecb1e98b265796e2208ed247fd8adfe46b012
711c35af5f7b272178c789afc368d666a478bcff8123cb8e814242cc855be756
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7382d7796188b8c863b4a5ee8f7e2efe570e9cdecbd8a2d8f6a949cb9c31c3e4
7715becf53af5ec08ec32c3766be0c834e03882718742e6f10c4c2fb7178a75c
78cbbc7d0adde704bf4055cd69c9e0babbe82c098095a14e2a134e107bf00d04
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e36af7b80897b61ec68d3c4e222b6367a4fea0143dbca2c6884aa4623feb040
84b074e376918a479145a8c4893f03bf47bfd37d95feb79e7f9874bbb1322c50
8611390f1f6e2af766d906ed361f1a50f06cf4eaeb968435f5791d46576c3f82
8755c709d7487eb939f907d404d1f752a17587c92d61aa6ebdcaa42387699a34
87d9185e6420ea49cfdc302186098ee24927973c5371b2cb728596623fadec6c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8f1fe2c1d9514f38766cb7120bdedeaa9edf9fe96ddb5bf6e1ab9f14cabdb43e
90bb9a38c12c46bb7f9e0977218ebc65667c33895ebdc7af1014faf064ecfcd0
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9613f838798d1aed5da373796f9180a1531b4670d6762a7db38dde12ae032934
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a107608e47fc591a2809a6230a1d16faaa8e2296a615e13fdbf7669dcdf9c9ca
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
b10c5d75507b2058e34ce5170e4b07a0a27fc6a13021d678ccde552b30c76e2f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d
b4f7380799ae6f0b52cdcd5f72dc70bf1ccd5d631e99aa156360ccd3fdcbbe49
b6576f8090223084669dfe00c4dd48db67a9745a34725fc5a16488e593dfb2e9
b8a04e09c35af2dbd3c709452d04a7eb17ff5f3552300703b2799ee2c9066c86
bd9266972f4458fcbaa9d5df1411763e6a604760e1b00ce7924285bfbcc44e96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c3b7f9cd42fba6931d9cb9acc435e69b7702384253c2d44b575f5dfbcc4f870b
c508d41fa81abac03815dcbd5dd40d3230e463c0a97b6eaad09ca3e8033244f0
c5f7b5460c36d5936a9c0890fbbff985686059cddb7b31d6b42d6d121cb8890c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d30e2ba1e91b86317e66d641209200f039cb870cef4d8cee2f29cf0bfcaa572c
d35a5ce9acfbc3cc426c0cb20d50aa8a5e45c64aea1aa01d9384468c0d8a46db
d3ddd33ae3966c65f18a2fafa1745ff8091fcf835b2a04dcadb1ca71b76127a3
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e417e17ee4f36fa52cf13a91cbf4f3b65b0c896dd1e50c93315037a43e7011d8
e747d662e395b92feaec803e95f773f4d9d627df5fc556599f29fb4015bc494e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e97356a6e1eb188d0f66c77637f081fbb7c337b5288827a7e6a36408cc26ccdd
eba2579372e73b41f91acb7b0e9c305594bdc1dec04ceb67197fd6c1ed8412aa
ec237517566b85a5797425cebe748d7248a7d8c698bdb113f9615946b7434a78
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffb6d0e1885823ebb03b07088deb27ed7ee1f676694f51b5e08730ff282a9130

pastelink.net Open in urlscan Pro 88.208.215.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

388 Requests

65 %HTTPS

0 %IPv6

84 Domains

133 Subdomains

69 IPs

8 Countries

3163 kBTransfer

6920 kBSize

91 Cookies

15 Outgoing links

Redirected requests

388 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastelink.net Open in urlscan Pro
88.208.215.108 Public Scan

Screenshot
Live screenshot

Full Image

388
Requests

65 %
HTTPS

0 %
IPv6

84
Domains

133
Subdomains

69
IPs

8
Countries

3163 kB
Transfer

6920 kB
Size

91
Cookies

388 HTTP transactions
4 data transactions