pastelink.net Open in urlscan Pro
89.35.29.15  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
• https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Request Chain 69

• https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LGHIST1X-26-5OAV HTTP 302
• https://u.4dex.io/setuid?bidder=rubicon&uid=LGHIST1X-26-5OAV

Request Chain 70

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hFQxtMXtRkWRXNCp967A-w&rk=usync-other HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hFQxtMXtRkWRXNCp967A-w

Request Chain 71

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/S1Y41a9BrqQFUPkz0kPrYsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-miJ_kp5E2oL7nClfJUOwwn6cgZjFJ11YTPAtiw--~A

Request Chain 72

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY1ZTRjZTVhOTczMzRmZmRmYjM4MDRkZGJjOTU0ODQ0M2I4ZmU2Mg

Request Chain 73

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=E7pD_UccQoqvap4cicrD3A&rk=usync-na HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=E7pD_UccQoqvap4cicrD3A

Request Chain 74

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGHIST1X-26-5OAV

Request Chain 75

• https://match.adsrvr.org/track/cmf/rubicon HTTP 302
• https://match.adsrvr.org/track/cmb/rubicon HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e7beaadd-0634-48b6-9804-d24a65ef629a&gdpr=0&gdpr_consent=&expires=30

Request Chain 76

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK449vfEA4z1O5NFNa94jTg&google_cver=1

Request Chain 77

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdISVNUMVgtMjYtNU9BVg== HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEORzDOAOi95Nxt3JgFIqBw8&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdISVNUMVgtMjYtNU9BVg==&google_push=

Request Chain 79

• https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1 HTTP 302
• https://u.4dex.io/setuid?bidder=indexexchange&uid=ZDox6i-qAQsoB3Rt38M78AAAE0kAAAIB

Request Chain 81

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b5e3643a-31eb-4d00-b9d3-13fbc1b2e0fd&gdpr=0&gdpr_consent=

Request Chain 84

• https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5972146395925590673&gdpr=0&gdpr_consent=

Request Chain 85

• https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GjteZR8-CGYBOlQ3SjtAYU9tWGABPV41HW5f18dO

Request Chain 88

• https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=acf7dd4df56c4b98934757fe4421e1fd

Request Chain 94

• https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
• https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1681535467375 HTTP 302
• https://ad.turn.com/r/cs?pid=45&rndcb=4023876726 HTTP 302
• https://sync.1rx.io/usersync/turn/7940768862404597278?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-d74c52a9-098a-418e-b2a1-0f6448ed88d9-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-d74c52a9-098a-418e-b2a1-0f6448ed88d9-004 HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d74c52a9-098a-418e-b2a1-0f6448ed88d9-004

Request Chain 96

• https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 101

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_wmqWBUDQr-OMx5XLEvdwg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 103

• https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=FF09AA58-1503-42BF-8E33-1E572C4BDDC2 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=FF09AA58-1503-42BF-8E33-1E572C4BDDC2 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4379b834-acfd-4464-9d8d-6c4321267203%252C%252C&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7beaadd-0634-48b6-9804-d24a65ef629a&ttd_puid=4379b834-acfd-4464-9d8d-6c4321267203%2C%2C

Request Chain 105

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkYwOUFBNTgtMTUwMy00MkJGLThFMzMtMUU1NzJDNEJEREMy&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 106

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFV0CV9tqVC9ILlqj6R3vSY&google_cver=1

Request Chain 109

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e7beaadd-0634-48b6-9804-d24a65ef629a&gdpr=0&gdpr_consent=

Request Chain 111

• https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
• https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e9b38147-c76d-4d7d-8ee0-c36d0a1195f1

Request Chain 112

• https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1672469776004660522

Request Chain 113

• https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7868711268366669342&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 114

• https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&gdpr=0&gdpr_consent= HTTP 302
• https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=25b5a8ae7cff2042&is_secure=true&networkId=17100&version=1&nuid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALgkpS9a5izAM52TH9AAAAAAA&expiration=1681621867&nuid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 118

• https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=eiekfnwwek53MVNFTGdDUk9PTzFtWENrWi9CSHhCOG9pTTZmYi9NTmRpdExZU0p6TTJZaHEwTWxzSFlLalV0L0VNakQ4aUVhZVM2RitRYm9ybktGYjFuN1pxbFJwSTRHRG9GeGpSZG1xTEFDVXB1U29ZK00yM1FnQzJFdlNPSHlYeUp5RVY4WDRQSGh4ajhSQVBQejFyNSs5TFNtUWRlcUdGS0xRNGU3QWFlWGNDSDZKTEFrc2NRS1plcHpGT29wM3JzQUpFOEQ2eDY0ZldidnVvYWorb01NR3ArczJDb0Z5UlZnVkQyQTBJT250SXV5ZkJhd0hFSTAzdWlxSEVlUUVYUDY5Ukc1ODFDbkJuWE1CZXJCTUtaNjNDUT09fA&cppv=2

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pl7clsuc Show response pastelink.net/	29 KB 8 KB	1592ms 235ms	Document text/html	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash 8bbb69c3d356c792edb32be080b9f4b3794c41070901efd69fc95f90d4d3580b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 15 Apr 2023 05:11:02 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains x-frame-options SAMEORIGIN
GET H2	200	css2 fonts.googleapis.com/	5 KB 874 B	21ms 7ms	Stylesheet text/css	2404:6800:4003:c02::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::5f , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b68a7f87308f4eb7e29a79f21e599796ad984353fe505b8a7a25f4ebc1ddee47 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 15 Apr 2023 05:11:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 15 Apr 2023 05:11:02 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 15 Apr 2023 05:11:02 GMT
GET H2	200	styles.css pastelink.net/assets/css/	121 KB 121 KB	172ms 166ms	Stylesheet text/css	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/assets/css/styles.css?q=35 Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/pl7clsuc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:02 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 06 Jan 2023 14:09:07 GMT server nginx etag "63b82b83-1e279" content-type text/css accept-ranges bytes content-length 123513
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	536ms 176ms	Script application/javascript	2001:4de0:ac18::1:a:2b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers Referer https://pastelink.net/ Origin https://pastelink.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:02 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-15d9d" vary Accept-Encoding x-hw 1681535462.dop209.la3.t,1681535462.cds002.la3.hn,1681535462.cds267.la3.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H2	200	script.min.js Show response pastelink.net/assets/js/	41 KB 41 KB	167ms 166ms	Script application/javascript	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/assets/js/script.min.js?q=35 Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash 190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/pl7clsuc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:02 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 17 Nov 2022 12:00:15 GMT server nginx etag "6376224f-a225" content-type application/javascript accept-ranges bytes content-length 41509
GET H2	200	js.cookie.min.js Show response cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/	2 KB 1 KB	24ms 10ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:02 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 124915 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 772 last-modified Mon, 04 May 2020 16:11:49 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec5-6d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVzd3m8yMhCZ0JtzC6qz9pd9yi6dEhr21En5Tha8EstzKG9aXklEIUoOQ2J%2BgO7Y4A6KHB0hkQPX0ZLS0DrDYBcT4NXTIj4Z02QC44%2BPyqJMGTBMNEuxkJSPpnJHPLZl5GQANNcjFMPKEfZm2nc2k8tN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7b81af7f6b3e3feb-SIN expires Thu, 04 Apr 2024 05:11:02 GMT
GET H2	200	css2 fonts.googleapis.com/	1 KB 849 B	18ms 6ms	Stylesheet text/css	2404:6800:4003:c02::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Sedgwick+Ave:wght@400&display=swap Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::5f , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 672cc33988bccd9c3924b89d236b18f4e4a5a78d5b4253ecb89d4da8cd5673d7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 15 Apr 2023 05:11:02 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 15 Apr 2023 05:11:02 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 15 Apr 2023 05:11:02 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	909 B 895 B	21ms 7ms	Script text/javascript	2404:6800:4003:c11::63 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=captchaLoaded Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 22cbfacb817672ee585cad64df18ef6224f206e271b1f934f117337cf9d26ede Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 575 x-xss-protection 1; mode=block expires Sat, 15 Apr 2023 05:11:02 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	188 KB 67 KB	26ms 16ms	Script application/javascript	2404:6800:4003:c05::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a97e4f27dcc0337005304b0118a8d57e789ca7a5f0bb9e4599f53e9efa7cebeb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68067 x-xss-protection 0 last-modified Sat, 15 Apr 2023 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 15 Apr 2023 05:11:03 GMT
GET H2	200	pastelink.js Show response cdn4.buysellads.net/pub/	522 KB 146 KB	890ms 292ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software AmazonS3 / Resource Hash 289488fc9f0f6703b21feaf3a16808d6bab06243b4ae2a06669b18f116a32b7b Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT content-encoding gzip last-modified Sat, 15 Apr 2023 04:55:06 GMT server AmazonS3 x-amz-request-id 08N1KF7GX7JK6KZG etag "6b1b26071a470f7a3f465b2d21829d1d" x-amz-server-side-encryption AES256 x-hw 1681535463.cds019.hk1.hn,1681535463.cds028.hk1.sc,1681535463.cds028.hk1.p content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-id-2 BOqHh6zXLYMPdthgUvD4PNVtjuikUTnm+L9r+uwc5maZ8hFCtSCIMeIMUVL9L8gIGMOPn8f0xJI=
GET H2	200	recaptcha__zh_cn.js Show response www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/	415 KB 166 KB	15ms 5ms	Script text/javascript	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__zh_cn.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash edf6e3797e68ca65c02a261a4bbd3f53dcdcc054f601c388c9bbb2b77f4c596b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastelink.net/ Origin https://pastelink.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 12 Apr 2023 15:43:01 GMT content-encoding gzip x-content-type-options nosniff age 221282 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 169022 x-xss-protection 0 last-modified Sun, 02 Apr 2023 18:01:18 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 11 Apr 2024 15:43:01 GMT
GET H2	200	debut_light.png pastelink.net/assets/images/	4 KB 4 KB	167ms 166ms	Image image/png	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/debut_light.png Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=35 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Oct 2022 11:31:15 GMT server nginx etag "6347f703-10c8" content-type image/png accept-ranges bytes content-length 4296
GET H2	200	pastelink-logo.svg pastelink.net/assets/images/logo/	3 KB 3 KB	167ms 167ms	Image image/svg+xml	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo/pastelink-logo.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=35 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash 01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Oct 2022 11:31:15 GMT server nginx etag "6347f703-d3d" content-type image/svg+xml accept-ranges bytes content-length 3389
GET DATA	200 OK	truncated /	16 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	arrow-down-blue.svg pastelink.net/assets/images/	239 B 409 B	167ms 166ms	Image image/svg+xml	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/arrow-down-blue.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=35 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash 50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Oct 2022 11:31:15 GMT server nginx etag "6347f703-ef" content-type image/svg+xml accept-ranges bytes content-length 239
GET H2	200	moon.svg pastelink.net/assets/images/	2 KB 2 KB	167ms 166ms	Image image/svg+xml	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/moon.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=35 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Oct 2022 11:31:15 GMT server nginx etag "6347f703-62e" content-type image/svg+xml accept-ranges bytes content-length 1582
GET H2	200	public-black.svg pastelink.net/assets/images/	578 B 749 B	168ms 167ms	Image image/svg+xml	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/public-black.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=35 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash 57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Oct 2022 11:31:15 GMT server nginx etag "6347f703-242" content-type image/svg+xml accept-ranges bytes content-length 578
GET H2	200	social-spritesheet.png pastelink.net/assets/images/	28 KB 28 KB	168ms 167ms	Image image/png	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/social-spritesheet.png Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=35 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash 8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Oct 2022 11:31:15 GMT server nginx etag "6347f703-70de" content-type image/png accept-ranges bytes content-length 28894
GET H2	200	logo-bg-90-tl.svg pastelink.net/assets/images/	2 KB 2 KB	169ms 166ms	Image image/svg+xml	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo-bg-90-tl.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=35 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash 1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Oct 2022 11:31:15 GMT server nginx etag "6347f703-933" content-type image/svg+xml accept-ranges bytes content-length 2355
GET H2	200	pastelink-logo-contrast.svg pastelink.net/assets/images/logo/	4 KB 4 KB	169ms 167ms	Image image/svg+xml	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=35 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash 3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Oct 2022 11:31:15 GMT server nginx etag "6347f703-e31" content-type image/svg+xml accept-ranges bytes content-length 3633
GET H2	200	logo-symbol-non-white-bg.svg pastelink.net/assets/images/	4 KB 5 KB	170ms 168ms	Image image/svg+xml	89.35.29.15 BANDWIDTH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=35 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB), Reverse DNS 15.29.35.89.baremetal.zare.com Software nginx / Resource Hash 15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Oct 2022 11:31:15 GMT server nginx etag "6347f703-11c0" content-type image/svg+xml accept-ranges bytes content-length 4544
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	22ms 12ms	Font font/woff2	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 11 Apr 2023 13:17:53 GMT x-content-type-options nosniff age 316390 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Apr 2024 13:17:53 GMT
GET H2	200	uK_04rKEYuguzAcSYRdWTJqMWWI0.woff2 fonts.gstatic.com/s/sedgwickave/v12/	34 KB 35 KB	15ms 5ms	Font font/woff2	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sedgwickave/v12/uK_04rKEYuguzAcSYRdWTJqMWWI0.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Sedgwick+Ave:wght@400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e642ae6e4f991c0c8016abebcab0553ee0e320f9b625848d9d46e163282bb6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 03:24:09 GMT x-content-type-options nosniff age 6414 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34936 x-xss-protection 0 last-modified Wed, 27 Apr 2022 15:12:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 14 Apr 2024 03:24:09 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	24ms 14ms	Font font/woff2	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 12 Apr 2023 10:33:47 GMT x-content-type-options nosniff age 239836 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7748 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:21:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Apr 2024 10:33:47 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	22ms 13ms	Font font/woff2	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 12 Apr 2023 00:20:33 GMT x-content-type-options nosniff age 276630 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Apr 2024 00:20:33 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	13ms 3ms	Script text/javascript	2404:6800:4003:c00::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::64 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 15 Apr 2023 04:49:06 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 1317 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Sat, 15 Apr 2023 06:49:06 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	224 KB 78 KB	7ms 5ms	Script application/javascript	2404:6800:4003:c05::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 03b209c3f0b12004520c9416578f1d5801b7498612a80eb64502149f6b26afb4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:03 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79824 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 15 Apr 2023 05:11:03 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 206 B	6ms 5ms	XHR text/plain	2404:6800:4003:c00::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=744438706&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fpl7clsuc&ul=en-us&de=UTF-8&dt=The%20Secret%20of%20Mint%20That%20No%20One%20is%20Talking%20About%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=402221231&gjid=1543267264&cid=396795388.1681535463&tid=UA-55088947-2&_gid=1656294556.1681535463&_r=1&_slc=1&gtm=45He34c0n8155WHPWQ&z=1280207817 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::64 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	5ms 4ms	Ping text/plain	2404:6800:4003:c00::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je34c0&_p=744438706&cid=396795388.1681535463&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681535463&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fpl7clsuc&dt=The%20Secret%20of%20Mint%20That%20No%20One%20is%20Talking%20About%20-%20Pastelink.net&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c00::64 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:03 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tag Show response btloader.com/	22 KB 8 KB	30ms 14ms	Script application/javascript	2606:4700:20::ac43:4686 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?o=5102648370397184&upapi=true Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fcbb61246da00c6d78f4b14d82f5e5493196b27ca10934b314e191a926931d3 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:04 GMT via 1.1 google content-encoding br cf-cache-status HIT last-modified Sat, 15 Apr 2023 04:58:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 707 etag W/"73ae04dc8be40ad56312fef54c77c796" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kUYsEH3hTiHHVSojNIjavcUH4IqfHRsgKxC%2Fc9AWrWHtK0zPVRfUmmwIUX0m1Tk6mG6SEyUCO8icaNnTiWwyglM6QFsGh43AhgE5q8RtSWO7PitG83FbhItg9g8%2BF7pMha26loyXjDwUw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 cf-ray 7b81af8b0a644067-SIN
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	77 KB 26 KB	29ms 11ms	Script text/javascript	2404:6800:4003:c1a::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1a::9c , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f75be1b32a45323b5e5ff9dc35287e7e3449d1c79d7033db0c53dc8a0a73c429 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25677 x-xss-protection 0 server cafe etag 596 / 19462 / 31073842 / config-hash: 11787412583201714567 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 15 Apr 2023 05:11:04 GMT
GET H2	200	acceptable.gif cdn4.buysellads.net/	43 B 303 B	284ms 283ms	Image image/gif	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=1.8201841711850004 Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software AmazonS3 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:04 GMT last-modified Fri, 19 Jul 2019 16:45:51 GMT server AmazonS3 x-amz-request-id 4EBW3PP6GTCEC68G etag "b4491705564909da7f9eaf749dbbfbb1" x-hw 1681535464.cds019.hk1.hn,1681535464.cds220.hk1.sc,1681535464.cds220.hk1.p content-type image/gif access-control-allow-origin * cache-control no-cache accept-ranges bytes content-length 43 x-amz-id-2 BsuGiXEyak2uIAaEJKNlpdsPGL+1nj2P9//MbwWdavBhneQxmgI8kEuEMkyz+XBvKjF7dI1PQE8=
GET H2	200	acceptable.gif cdn4.buysellads.net/	43 B 233 B	295ms 295ms	Image image/gif	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=1.8201841711850004 Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software AmazonS3 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:04 GMT last-modified Fri, 19 Jul 2019 16:45:51 GMT server AmazonS3 x-amz-request-id 4EBR5JS8BP7WD510 etag "b4491705564909da7f9eaf749dbbfbb1" x-hw 1681535464.cds019.hk1.hn,1681535464.cds203.hk1.sc,1681535464.cds203.hk1.p content-type image/gif access-control-allow-origin * cache-control no-cache accept-ranges bytes content-length 43 x-amz-id-2 /aOucDiRGeuIvQN/8dAQsWsAgKNmajthld827khKLrLDLPzllkAfu+Rcc0fnbNfiE8ieBStg0Vs=
GET H2	200	px.gif ad-delivery.net/	43 B 867 B	36ms 11ms	Image image/gif	2606:4700:20::ac43:4513 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 985988 x-guploader-uploadid ADPycdsUaskKg6iG91uQdnVeAWViCNWC_toajNJR9sQ8yUeMNFV8e1KkUwNA0BvzZCcbXH87g7Rm2DLHtpzFV0WelhvJ3OZU0_hn x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers * cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06h1a0sKEwnvokqAYrq4UzdsrwAbtFrfpbh6VAi%2FORUUqP595zvUCeVHfRK%2BvivSbaXxZrsNCfxP%2BMj9JrOdk2SFhLkjqPx0SJTS3Ma08WL4L2DVLMf7J8C7K0pbQTje9e1gWc%2F38d80XbP6mw%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 7b81af8b490744ba-SIN expires Mon, 03 Apr 2023 20:16:06 GMT
GET H2	200	favicon.ico ad.doubleclick.net/	1 KB 571 B	265ms 5ms	Image image/x-icon	74.125.24.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f149.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Apr 2023 13:22:42 GMT content-encoding gzip x-content-type-options nosniff age 56902 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 15 Apr 2023 13:22:42 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 343 B	36ms 12ms	Image image/gif	2606:4700:20::ac43:4513 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.7552395246838224 Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 985988 x-guploader-uploadid ADPycdsUaskKg6iG91uQdnVeAWViCNWC_toajNJR9sQ8yUeMNFV8e1KkUwNA0BvzZCcbXH87g7Rm2DLHtpzFV0WelhvJ3OZU0_hn x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers * cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXCBW9TfGsXTttixik%2BdBBksHinRaIRO%2B0mBjv4lzIs2WYL%2FA0g7O5jMMTeFQt%2FW%2BOqVfRuFtWKj%2BwAybmOoPBopHGogc8debl1cHNj8nfSiCcNN%2Fcf21vsqzkEI1LgZ8B4yIYqbeE3CL68UMA%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 7b81af8b490944ba-SIN expires Mon, 03 Apr 2023 20:16:06 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/	401 KB 125 KB	18ms 5ms	Script text/javascript	2404:6800:4003:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Apr 2023 18:42:29 GMT content-encoding br x-content-type-options nosniff age 37715 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127166 x-xss-protection 0 server cafe etag 9041812995692956310 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 13 Apr 2024 18:42:29 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	72 B 601 B	17ms 6ms	XHR application/json	2404:6800:4003:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9613f838798d1aed5da373796f9180a1531b4670d6762a7db38dde12ae032934 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:04 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 59 x-xss-protection 0 expires Sat, 15 Apr 2023 05:11:04 GMT
GET H2	200	country Show response api.btloader.com/	16 B 203 B	1266ms 215ms	Fetch application/json	130.211.23.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country Requested by Host: btloader.com URL: https://btloader.com/tag?o=5102648370397184&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:05 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin * cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16
GET H2	204	pv Show response api.btloader.com/	0 66 B	1274ms 223ms	XHR text/plain	130.211.23.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=9tIzuergN9&w=5093624318001152&o=5102648370397184&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Fpl7clsuc&sid=dQwVmxTQt&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=5102648370397184&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Sat, 15 Apr 2023 05:11:05 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H2	200	CWYD627N.json Show response srv.buysellads.com/ads/	930 B 666 B	950ms 232ms	Fetch application/json	143.198.18.110 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=493702&ignoretargeting=yes Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.198.18.110 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS srv-us-ny-27.buysellads.com Software //srv.buysellads.com / Resource Hash 32622083b36e3f1c11a15cff162763e897ada7b720aec072dabf67f8173a9019 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Sat, 15 Apr 2023 05:11:05 GMT content-encoding gzip server //srv.buysellads.com content-length 553 vary Accept-Encoding content-type application/json; charset=utf-8
GET H/1.1	200 OK	localstore.js Show response script.4dex.io/	483 B 1020 B	28ms 10ms	Script application/javascript	2606:4700:20::ac43:4bf1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 15 Apr 2023 05:11:04 GMT Content-Encoding br CF-Cache-Status HIT Last-Modified Wed, 23 Nov 2022 15:43:18 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 449041 ETag W/"922cffdd75f7192f75231d92684885aa" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROkabfvCxkD5as%2FLIH%2FMQVqe2%2BH0gsBsDPb8dKBLAddUvZSGUi6ZVC7kpmXMHkMLJTxKx65EM8uTg9rATVSosZC1B0m3EaRYiThqAV5fSnNm3tqFNTSQENwrBiKhn64GE3evs104C4jT%2FVzz"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Connection keep-alive CF-RAY 7b81af8e7bf48813-SIN
POST H2	200	prebid Show response mp.4dex.io/	999 B 1 KB	115ms 96ms	XHR application/json	2606:4700::6812:372 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mp.4dex.io/prebid Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54a73670376ddbc5ac441bcda7dbe73ae4e7fa1b5e1c80f4adadbd92a4706e9f Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers x-version 3.0.0-gcp-tyo date Sat, 15 Apr 2023 05:11:04 GMT x-err Shapings: no adunits with size and seat and mapping via 1.1 google cf-cache-status DYNAMIC content-encoding gzip x-warn Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456, Process Seats Booster. unable to get the seat booster engine for organization: 1116 pragma no-cache server cloudflare vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 7b81af8e9d402f0a-SIN expires 0
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 114 B	156ms 112ms	XHR text/plain	103.231.98.193 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://pastelink.net date Sat, 15 Apr 2023 05:11:02 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	355 B 681 B	843ms 268ms	XHR application/json	2602:803:c006:158::65 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fpl7clsuc&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=cc5ddebf-7234-49e5-9b2e-0ce2627b792b&l_pb_bid_id=1503e35f20365a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.6660446587245095 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 28b70bda9fb94c6740008a8bafde08023957e63509fdd428b668538f86d1399b Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:05 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://pastelink.net p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 355 expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	361 B 686 B	870ms 296ms	XHR application/json	2602:803:c006:158::65 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fpl7clsuc&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=ff2175f7-b861-429e-be79-a895ce49e36c&l_pb_bid_id=164c06a845a3e55&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.9317020124142152 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash e73012dbe29700d2f2198c318efe7fa4d9b9a07eb09fcf6a3357c968d0e3f1d2 Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:05 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://pastelink.net p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 361 expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	357 B 683 B	843ms 269ms	XHR application/json	2602:803:c006:158::65 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fpl7clsuc&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=58d02294-31bd-4eef-8ee3-5f7f6a227213&l_pb_bid_id=17d05d7b3f71577&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.22793143911342062 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 4f98b5442d238752b806c6889eb3a15fa16d91126aef1cb7f64f44904e6fb50c Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:05 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://pastelink.net p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 357 expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	361 B 912 B	827ms 253ms	XHR application/json	2602:803:c006:158::65 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fpl7clsuc&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=a8a503e7-52c0-41cc-aef0-e73f385429a9&l_pb_bid_id=18761c33d48f5d6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.22115098510494602 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash f3edaa782adba8d1d8c9159dfddfe78d7a2e2ea2f4179534dd2f9f3ba8c7f4f4 Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:05 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://pastelink.net p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 361 expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	cdb Show response bidder.criteo.com/	18 B 311 B	95ms 83ms	XHR application/json	2406:2600:7:100::12 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.10.0&cb=98395359195&lsavail=1 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 15 Apr 2023 05:11:03 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Finatra vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://pastelink.net access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * content-length 44
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 361 B	270ms 4ms	XHR application/json	139.99.49.250 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 139.99.49.250 , Singapore, ASN16276 (OVH, FR), Reverse DNS ip250.ip-139-99-49.net Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://pastelink.net p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 827 B	774ms 176ms	XHR application/json	104.254.151.68 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net Software nginx/1.21.3 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 15 Apr 2023 05:11:05 GMT AN-X-Request-Uuid c2000a91-4cf8-4679-b6c7-3eba9b683b0b Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://pastelink.net Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 103.254.153.204; 103.254.153.204; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebid Show response prebid.media.net/rtb/	1 KB 1 KB	223ms 193ms	XHR application/json	34.107.148.139 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU18831I Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 139.148.107.34.bc.googleusercontent.com Software nginx / Resource Hash e22b18f684e2c5d88821bf1a2c8c8afbc11ead1879be23c1ffa526416c688802 Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:04 GMT content-encoding gzip via 1.1 google server nginx accept-ch Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model content-type application/json;charset=UTF-8 access-control-allow-origin https://pastelink.net cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 184 alt-svc clear expires Sat, 15 Apr 2023 05:11:04 GMT
POST H2	200	v1 Show response hb-api.omnitagjs.com/hb-api/prebid/	2 KB 1016 B	753ms 217ms	XHR application/json	54.218.93.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fpl7clsuc Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.218.93.122 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-218-93-122.us-west-2.compute.amazonaws.com Software / Resource Hash 0d66de884989af83b3094b4169f412f493aa045251435ffe0c1939ee485dfbfc Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 15 Apr 2023 05:11:05 GMT via kong/2.8.3 content-encoding gzip x-content-type-options nosniff x-kong-proxy-latency 1 p3p CP="CAO PSA OUR" x-kong-upstream-latency 22 content-length 481 pragma no-cache access-control-max-age 3600 access-control-allow-methods OPTIONS, POST content-type application/json; charset=utf-8 access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Accept-Encoding, Content-Type expires 0
POST H2	200	adreq Show response ads.servenobid.com/	765 B 680 B	880ms 461ms	XHR application/json	52.37.115.185 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=6270 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.37.115.185 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-115-185.us-west-2.compute.amazonaws.com Software / Resource Hash bd3ab0a8a77f7fb4a5f243ed1c7270157737e1d1acc47e303227139a972bcaaf Request headers Referer https://pastelink.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 15 Apr 2023 05:11:05 GMT content-encoding gzip amp-access-control-allow-source-origin * vary accept-encoding content-type application/json access-control-allow-origin https://pastelink.net access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true
GET H/1.1	200 OK	adagio.js Show response script.4dex.io/	74 KB 23 KB	33ms 13ms	Fetch application/javascript	2606:4700:20::ac43:4bf1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 15 Apr 2023 05:11:04 GMT Content-Encoding br CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1152027 Transfer-Encoding chunked Connection keep-alive Last-Modified Wed, 23 Nov 2022 15:43:17 GMT Server cloudflare ETag W/"c56b6332dacf72f135afcd153ae22448" Vary Origin, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0VpIt5WtL3fe8vkT4d48x2rg%2F%2FPtzaUCL5ZxPSH6Rsfry58xC8Po19QrGxeDmJYIhn3d3BxTg7QBql9ch021fZl7d%2BgyAoREgAWChEkFnQMqpwnw91eBDSS3u4XcAZqJu6EBsF1WgbCZ7E6"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Cache-Control public, max-age=1800 CF-RAY 7b81af8ec8803fe5-SIN
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 09B5	16 KB 6 KB	1277ms 4ms	Document text/html	104.65.228.208 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-65-228-208.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48 Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes cache-control max-age=132332 content-encoding gzip content-length 5554 content-type text/html date Sat, 15 Apr 2023 05:11:06 GMT expires Sun, 16 Apr 2023 17:56:38 GMT last-modified Fri, 16 Dec 2022 06:36:49 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	17ms 6ms	Script application/javascript	2404:6800:4003:c05::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=pastelink.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:05 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	4 KB 1 KB	231ms 231ms	XHR text/plain	2404:6800:4003:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=228911651581322&correlator=1197488320371247&eid=31073825%2C31073832%2C31073837%2C31073842%2C31073866%2C44769661&output=ldjh&gdfp_req=1&vrg=202304120101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=840525636%2C3944560474%2C3798138915%2C1897443797%2C1230872867&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1681535465636&lmt=1681535465&dlt=1681535462289&idt=1952&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C319%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fpl7clsuc&frm=20&vis=1&psz=1600x-1%7C705x398%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=396795388.1681535463&ga_sid=1681535466&ga_hid=744438706&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bcfb46a24a3c13748a4b8f82a79fc84b881ae3c3292bfab4183a39e11956353e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:05 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 965 x-xss-protection 0 google-lineitem-id -2,-2,-2,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2,-2,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://pastelink.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	25ms 13ms	XHR application/json	2404:6800:4003:c1a::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304120101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1a::9b , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 55bd8eb36427b406bd05816d7519238e2da7448ed13f072b08470fc29cb5ff63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:05 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11210 x-xss-protection 0
GET H2	200	container.html Show response a16b5ddf606141bba79787de24991c7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D4C8	6 KB 3 KB	22ms 5ms	Document text/html	2404:6800:4003:c03::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a16b5ddf606141bba79787de24991c7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 15 Apr 2023 05:11:05 GMT expires Sun, 14 Apr 2024 05:11:05 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/	33 KB 12 KB	5ms 4ms	Script text/javascript	2404:6800:4003:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl_page_level_ads.js?cb=31073842 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5eb4c77a785e1f4940593caddda5634078923c5dff348a9f434e69585c04250a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Apr 2023 18:50:57 GMT content-encoding br x-content-type-options nosniff age 37208 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12007 x-xss-protection 0 server cafe etag 8061825146712902626 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 13 Apr 2024 18:50:57 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	15ms 5ms	Script text/javascript	2404:6800:4003:c05::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 15 Apr 2023 05:11:05 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame B904	13 KB 5 KB	6ms 4ms	Document text/html	2404:6800:4003:c05::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes age 277817 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 12 Apr 2023 00:00:48 GMT expires Thu, 11 Apr 2024 00:00:48 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame CD5D	783 B 916 B	8ms 7ms	Document text/html	2404:6800:4003:c11::63 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9a710c2ee59c3d9a2521a3f69a7fb253ad202a5f1b4992cdc34dc57ecab6d18f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-OQOmPNwRakYpWuoGB-mnSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-OQOmPNwRakYpWuoGB-mnSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 15 Apr 2023 05:11:05 GMT expires Sat, 15 Apr 2023 05:11:05 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame CD5D	0 0	63ms 54ms	Image text/html	2404:6800:4003:c1a::9b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304120101&jk=228911651581322&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c1a::9b , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response pagead2.googlesyndication.com/bg/ Frame B904	36 KB 14 KB	12ms 5ms	Script text/javascript	2404:6800:4003:c1a::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c1a::9b , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 Apr 2023 20:38:11 GMT content-encoding br x-content-type-options nosniff age 117174 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14288 x-xss-protection 0 last-modified Tue, 11 Apr 2023 10:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 12 Apr 2024 20:38:11 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame B904	0 10 B	4ms 3ms	Image text/plain	2404:6800:4003:c05::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?VuUrjw Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:05 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	usync.html Show response eus.rubiconproject.com/ Frame FE38 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac	281 B 410 B	18ms 4ms	Document text/html	104.69.39.62 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Requested by Host: pastelink.net URL: https://pastelink.net/pl7clsuc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.69.39.62 , Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-69-39-62.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 233 content-type text/html; charset=UTF-8 date Sat, 15 Apr 2023 05:11:06 GMT etag "403b9-119-5ec73a0a33d00" last-modified Wed, 02 Nov 2022 02:30:44 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Sat, 15 Apr 2023 05:11:06 GMT location https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac server AkamaiGHost
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 09B5	5 KB 6 KB	1180ms 3ms	Script text/html	103.231.98.196
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26627029&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.231.98.196 -, , ASN (), Reverse DNS Software / Resource Hash a790cd35d4c77161f5b43f6faee75b94abf0061c2ae0edf277dbf092464706a0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type text/html; charset=UTF-8 date Sat, 15 Apr 2023 05:11:07 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	usync.js Show response eus.rubiconproject.com/ Frame FE38	34 KB 10 KB	5ms 4ms	Script text/html	104.69.39.62 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.69.39.62 , Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-69-39-62.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 208a51e150f72d5301241a7c18097aa348a24536424542569774153c5a44bdbb Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:06 GMT content-encoding gzip last-modified Fri, 14 Apr 2023 19:04:05 GMT server Apache/2.2.15 (CentOS) x-powered-by PHP/5.3.3 vary Accept-Encoding content-type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" cache-control max-age=49966 content-length 10019 expires Sat, 15 Apr 2023 19:03:52 GMT
GET H2	200	setuid u.4dex.io/ Frame FE38 Redirect Chain https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LGHIST1X-26-5OAV https://u.4dex.io/setuid?bidder=rubicon&uid=LGHIST1X-26-5OAV	0 637 B	94ms 78ms	Image text/plain	34.149.40.38 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://u.4dex.io/setuid?bidder=rubicon&uid=LGHIST1X-26-5OAV Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol H2 Server 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 38.40.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:06 GMT via 1.1 google vary Origin, Accept-Encoding cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires 0 Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://u.4dex.io/setuid?bidder=rubicon&uid=LGHIST1X-26-5OAV Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost d335433bbbe0efeac67146df47932f6f Expires 0
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame FE38 Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hFQxtMXtRkWRXNCp967A-w&rk=usync-other https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hFQxtMXtRkWRXNCp967A-w	43 B 479 B	196ms 196ms	Image image/gif	67.220.224.150
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hFQxtMXtRkWRXNCp967A-w Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol HTTP/1.1 Server 67.220.224.150 -, , ASN (), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 15 Apr 2023 05:11:07 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid TG18DMDFPQSY8RD66NMK Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hFQxtMXtRkWRXNCp967A-w Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost dedf7fc216a5bbc739a54325e875a79f P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame FE38 Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/S1Y41a9BrqQFUPkz0kPrYsn5EUdSAgOZEtemQ7w0kco?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-miJ_kp5E2oL7nClfJUOwwn6cgZjFJ11YTPAtiw--~A	42 B 703 B	1080ms 6ms	Image image/gif	69.173.158.64 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-miJ_kp5E2oL7nClfJUOwwn6cgZjFJ11YTPAtiw--~A Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol HTTP/1.1 Server 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 38ddff6a66d3988dfd0c6ea3be81c5f1 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Sat, 15 Apr 2023 05:11:06 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-miJ_kp5E2oL7nClfJUOwwn6cgZjFJ11YTPAtiw--~A content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame FE38 Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY1ZTRjZTVhOTczMzRmZmRmYjM4MDRkZGJjOTU0ODQ0M2I4ZmU2Mg	170 B 409 B	1038ms 7ms	Image image/png	142.251.12.156
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY1ZTRjZTVhOTczMzRmZmRmYjM4MDRkZGJjOTU0ODQ0M2I4ZmU2Mg Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol H2 Server 142.251.12.156 -, , ASN (), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY1ZTRjZTVhOTczMzRmZmRmYjM4MDRkZGJjOTU0ODQ0M2I4ZmU2Mg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 94869a3d6d62a785bc2a9351b08a70bb P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame FE38 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=E7pD_UccQoqvap4cicrD3A&rk=usync-na https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=E7pD_UccQoqvap4cicrD3A	43 B 479 B	233ms 233ms	Image image/gif	209.54.182.161
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=E7pD_UccQoqvap4cicrD3A Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol HTTP/1.1 Server 209.54.182.161 -, , ASN (), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 15 Apr 2023 05:11:07 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid T5AEBM62P9CFPPFSM61W Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=E7pD_UccQoqvap4cicrD3A Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost d335433bbbe0efeac67146df47932f6f P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	setuid px.ads.linkedin.com/ Frame FE38 Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGHIST1X-26-5OAV	0 515 B	184ms 170ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGHIST1X-26-5OAV Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:06 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 1A7D03B0234B43C297FBF3D38BB6FC25 Ref B: SIN30EDGE0712 Ref C: 2023-04-15T05:11:06Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAX5WPwmfxBxZ/s+VmsuxA== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGHIST1X-26-5OAV Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 550b0c1400f70e56269f7c1848fb3166 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame FE38 Redirect Chain https://match.adsrvr.org/track/cmf/rubicon https://match.adsrvr.org/track/cmb/rubicon? https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e7beaadd-0634-48b6-9804-d24a65ef629a&gdpr=0&gdpr_consent=&expires=30	42 B 703 B	853ms 5ms	Image image/gif	69.173.158.64 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e7beaadd-0634-48b6-9804-d24a65ef629a&gdpr=0&gdpr_consent=&expires=30 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol HTTP/1.1 Server 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 0d2bd05215470efb17ae41aff76c3f98 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sat, 15 Apr 2023 05:11:06 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e7beaadd-0634-48b6-9804-d24a65ef629a&gdpr=0&gdpr_consent=&expires=30 content-type text/html cache-control private,no-cache, must-revalidate content-length 289
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame FE38 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK449vfEA4z1O5NFNa94jTg&google_cver=1	42 B 703 B	56ms 12ms	Image image/gif	69.173.158.64 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK449vfEA4z1O5NFNa94jTg&google_cver=1 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol HTTP/1.1 Server 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 4b9b5fe4fdc8ed94e0f7cdc225df187a P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK449vfEA4z1O5NFNa94jTg&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame FE38 Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdISVNUMVgtMjYtNU9BVg== https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEORzDOAOi95Nxt3JgFIqBw8&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdISVNUMVgtMjYtNU9BVg==&google_push=	170 B 232 B	8ms 8ms	Image image/png	142.251.12.156
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdISVNUMVgtMjYtNU9BVg==&google_push= Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac Protocol H2 Server 142.251.12.156 -, , ASN (), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdISVNUMVgtMjYtNU9BVg==&google_push= Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 4b9b5fe4fdc8ed94e0f7cdc225df187a Expires 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	48ms 48ms	Image text/html	2404:6800:4003:c1a::9b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304120101&jk=228911651581322&bg=!hIelh9PNAAZA7GLoYOw7ADkAdvg8WtEKkss4gYzUHPeBhmAnmi9GztgoKX2DPRKKD-kOzwU5qa2zITRYnrOVa-z7dwEvoAfXPOUCAAAAWVIAAAACaAEHCgCbMZetbNLM5HTAYau6T8zyodwTuSYr2kTMbXljSd7R1jdd-hXbZndqmOxVl2nxpbM22UfxjHteWm2XiPllc4wntuBKsCvx78o1u0BOJCIyiyYD1ENE0ULZDEVB3fvl3RaMWO_y03f9c9PL-KoExGYSBV8BzvXLfxKcwc-LswHxkZEUEz-awbmUB4pV20AP2moDBrxct3Kli8sLtSqZAqHME4xC1VTbe_xUVfKEz0CMCqj9qepbRG0KTwGK9pAa21Pp3caFLsSfgSgg8tgGc1wqmqTyHiS3OeWn8W-MJ7Gyy2SGvbFcVrOR7cTZKdfaTs4MEGpvQ3MKd3R_xBya-RfUuHaapbAlCZ8l_CX_kjTvu4qhBpnjTnD4uM87Yd1MV-ucz8hG_0NGoUSUT8sOpVbNv1Rs4oesAX7k277yoJzG7z-A3ldPlaoDFcAQKkpVCzAugsa3U-agZG6rlTwmkxs1wDKE0qFfBTyemBp43aCq29OnXz2wnb58WdJwhyiaC7Eg1D2c8Hf_oCeAOcZ8exlIqZBx8c2lYyNwanalyGvQS5MP8qMHGWxxG1uUZ2SOSh4yOAdb2r5XSKyYpUWq9jFAnGOPWfP96h-As6JFNv7DiM9jPhcmgjWcYZBv7a9lhmQYLBFziR24FjgpU2jhRZoqLu5hXAwolCBiKJDfjg-Bc6oS1rKATYJ7UwtUlZy8OHIsxcuIEUrjjKv5Lb5tm9wS8K27hN_WhvL8ytLkVyI05XcELdVUuFmn9Kly-Z0ro6HBZA-fA0tLJeBdHbZMmUm9pZUjmo_htYwJJYzXGLBmQ55llGo_HiV9v4bAYCE04p5j6Al0dHxylFfgbgXV-hYCAS0JQ746WClQzV5FlbGCM8DibvWyfwktNvp7FS6XDwqEwwHQYTPxFGRhXCpVG_Ziw1EsIZAbDvdqCWaobxziOsxBXMDW8BOHZgvkqZLxp6XGNI_9cfQi4R5vPnUDk1dPRA2CyrKd9snF4HrStO_ITvsXYcGFWbd-kKzx-sdXYaUJnT2oPjjffMCRU6nAKEqx2TUTCO2FTBVwn_T8Yahjcu8pUBBXJqVTZBetiA8TRMU3LYV5-nAVYFowiwbuZzus Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c1a::9b , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	setuid u.4dex.io/ Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1 https://u.4dex.io/setuid?bidder=indexexchange&uid=ZDox6i-qAQsoB3Rt38M78AAAE0kAAAIB	0 633 B	80ms 79ms	Image text/plain	34.149.40.38 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://u.4dex.io/setuid?bidder=indexexchange&uid=ZDox6i-qAQsoB3Rt38M78AAAE0kAAAIB Protocol H2 Server 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 38.40.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT via 1.1 google vary Origin, Accept-Encoding cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires 0 Redirect headers Pragma no-cache Date Sat, 15 Apr 2023 05:11:06 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://u.4dex.io/setuid?bidder=indexexchange&uid=ZDox6i-qAQsoB3Rt38M78AAAE0kAAAIB Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 0 Expires 0
GET H2	200	publishertag.prebid.123.js Show response static.criteo.net/js/ld/	87 KB 28 KB	257ms 88ms	Script text/javascript	2406:2600:7:100::1
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.123.js Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1681535400000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:7:100::1 -, , ASN (), Reverse DNS Software nginx / Resource Hash 3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:07 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 06 Apr 2023 09:31:17 GMT server nginx etag W/"642e9165-15b5c" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 16 Apr 2023 05:11:07 GMT
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame 4236 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b5e3643a-31eb-4d00-b9d3-13fbc1b2e0fd&gdpr=0&gdpr_consent=	42 B 325 B	15ms 5ms	Document image/gif	67.199.150.86
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b5e3643a-31eb-4d00-b9d3-13fbc1b2e0fd&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.199.150.86 -, , ASN (), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Length 0 Content-Type image/gif Date Sat, 15 Apr 2023 05:11:07 GMT Expires Sat, 15 Apr 2023 05:11:06 GMT Keep-Alive timeout=360 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Server MT3 796 58fb543 master hkg-pixel-x6 config_version:"unknown" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b5e3643a-31eb-4d00-b9d3-13fbc1b2e0fd&gdpr=0&gdpr_consent=
GET		b9pj45k4 sync-tm.everesttech.net/upi/pid/ Frame D257	0 0
GET		send cm.ambientdsp.com/cm/ Frame E3C1	0 0
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame 8297 Redirect Chain https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5972146395925590673&gdpr=0&gdpr_consent=	42 B 298 B	5ms 4ms	Document image/gif	67.199.150.86
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5972146395925590673&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.199.150.86 -, , ASN (), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:06 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers AN-X-Request-Uuid a6fad4d9-3fee-418a-a5dc-861dc94ffdf5 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Access-Control-Allow-Credentials true Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 Content-Type text/html; charset=utf-8 Date Sat, 15 Apr 2023 05:11:07 GMT Expires Sat, 15 Nov 2008 16:00:00 GMT Location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5972146395925590673&gdpr=0&gdpr_consent= P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Pragma no-cache Server nginx/1.21.3 X-Proxy-Origin 103.254.153.204; 103.254.153.204; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com X-XSS-Protection 0
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame 3DB3 Redirect Chain https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GjteZR8-CGYBOlQ3SjtAYU9tWGABPV41HW5f18dO	42 B 569 B	9ms 3ms	Document image/gif	207.65.33.82
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GjteZR8-CGYBOlQ3SjtAYU9tWGABPV41HW5f18dO Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.65.33.82 -, , ASN (), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers access-control-allow-credentials true access-control-allow-origin * cache-control private, no-cache, no-store, proxy-revalidate content-length 0 date Sat, 15 Apr 2023 05:11:07 GMT expires Fri, 04 Aug 1978 12:00:00 GMT location https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GjteZR8-CGYBOlQ3SjtAYU9tWGABPV41HW5f18dO p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" pragma no-cache strict-transport-security max-age=86400
GET		usersync.aspx dis.criteo.com/dis/ Frame CBAD	0 0
GET		sync sync.srv.stackadapt.com/ Frame 1A7E	0 0
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame 8CCA Redirect Chain https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=acf7dd4df56c4b98934757fe4421e1fd	42 B 305 B	170ms 6ms	Document image/gif	67.199.150.86
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=acf7dd4df56c4b98934757fe4421e1fd Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.199.150.86 -, , ASN (), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html;charset=UTF-8 date Sat, 15 Apr 2023 05:11:19 GMT expires Fri, 01 Jan 1990 00:00:00 GMT location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=acf7dd4df56c4b98934757fe4421e1fd p3p CP="NOI DSP COR NID CUR OUR NOR" pragma no-cache server Apache-Coyote/1.1 status 302 via 1.1 google x-xss-protection 1; mode=block
GET H2	200	cm Show response ipac.ctnsnet.com/int/ Frame 6C03	43 B 360 B	85ms 46ms	Document image/gif	35.186.193.173
General Check archive.org Show headers Download Go to Full URL https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id] Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.193.173 -, , ASN (), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 43 content-type image/gif date Sat, 15 Apr 2023 05:10:32 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p CP="NOI DSP COR NID CUR OUR NOR" pragma no-cache server Apache-Coyote/1.1 via 1.1 google
GET		usersyncsupply cm-supply-web.gammaplatform.com/adx/ Frame AAAD	0 0
GET		pubmatic gocm.c.appier.net/ Frame BBF8	0 0
GET		send sync-dsp.ad-m.asia/dsp/api/sync/ Frame 2899	0 0
GET H/1.1	200 OK	pxd Show response dps.jp.cinarra.com/ Frame EC6B	95 B 220 B	541ms 70ms	Document image/png	18.182.102.48
General Check archive.org Show headers Download Go to Full URL https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=FF09AA58-1503-42BF-8E33-1E572C4BDDC2 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.182.102.48 -, , ASN (), Reverse DNS Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Connection keep-alive Content-Length 95 Content-Type image/png Date Sat, 15 Apr 2023 05:11:07 GMT
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame 81B2 Redirect Chain https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1681535467375 https://ad.turn.com/r/cs?pid=45&rndcb=4023876726 https://sync.1rx.io/usersync/turn/7940768862404597278?dspret=1&gdpr=&gdpr_consent=&us_privacy= https://sync.targeting.unrulymedia.com/csync/RX-d74c52a9-098a-418e-b2a1-0f6448ed88d9-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d74c52a9-098a-418e-b2a1-0f6448ed88d9-004	42 B 254 B	4ms 4ms	Document image/gif	67.199.150.86
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d74c52a9-098a-418e-b2a1-0f6448ed88d9-004 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.199.150.86 -, , ASN (), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers content-type text/html date Sat, 15 Apr 2023 05:11:07 GMT etag RXd74c52a9098a418eb2a10f6448ed88d9004 location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d74c52a9-098a-418e-b2a1-0f6448ed88d9-004 p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
GET H2	200	bridge Show response cm.adgrx.com/ Frame 3C8E	0 230 B	158ms 4ms	Document text/plain	3.1.14.27
General Check archive.org Show headers Download Go to Full URL https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.1.14.27 -, , ASN (), Reverse DNS Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, proxy-revalidate content-length 0 date Sat, 15 Apr 2023 05:11:07 GMT expires Thu, 23 Sep 2004 17:42:04 GMT p3p CP="NOI OTC OTP OUR NOR" pragma no-cache server Cowboy x-realserver-nx aws-apsoutheast1c-delivery-3
GET H2	200	i.match Show response s.tribalfusion.com/z/ Frame EB2F Redirect Chain https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI... https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...	43 B 412 B	206ms 191ms	Document image/gif	2606:4700::6812:19ad
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19ad -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache private cf-cache-status DYNAMIC cf-ray 7b81afa06da491ba-SIN content-length 43 content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT expires Thu, 01 Jan 1970 00:00:00 GMT p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare x-function 302 Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache private cf-cache-status DYNAMIC cf-ray 7b81af9f1c9091ba-SIN content-type text/html date Sat, 15 Apr 2023 05:11:07 GMT expires Thu, 01 Jan 1970 00:00:00 GMT location https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare x-function 206 x-reuse-index 777
GET		/ csync.loopme.me/ Frame C9C4	0 0
GET		cookiesync core.iprom.net/ Frame DBD1	0 0
GET		141 match.deepintent.com/usersync/ Frame BE4E	0 0
GET H2	200	setuid Show response u.4dex.io/ Frame CA02	0 741 B	80ms 79ms	Document text/plain	34.149.40.38 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)FF09AA58-1503-42BF-8E33-1E572C4BDDC2 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 38.40.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate content-length 0 date Sat, 15 Apr 2023 05:11:07 GMT expires 0 pragma no-cache vary Origin Accept-Encoding via 1.1 google
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 09B5 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_wmqWBUDQr-OMx5XLEvdwg%3D%3D&gdpr=0&gdpr_consent= https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=	16 KB 16 KB	7ms 6ms	Image text/html	104.65.228.208 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Server 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-65-228-208.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:07 GMT content-encoding gzip last-modified Fri, 16 Dec 2022 06:36:49 GMT server Apache vary Accept-Encoding content-type text/html p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=132331 accept-ranges bytes content-length 5554 expires Sun, 16 Apr 2023 17:56:38 GMT Redirect headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 301 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		qmap sync.crwdcntrl.net/ Frame 09B5	0 0
GET H2	200	receive pixel.tapad.com/idsync/ex/ Frame 09B5 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=FF09AA58-1503-42BF-8E33-1E572C4BDDC2 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=FF09AA58-1503-42BF-8E33-1E572C4BDDC2 https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4379b834-acfd-4464-9d8d-6c4321267203%252C%252C&gdpr=0&gdpr_consent= https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7beaadd-0634-48b6-9804-d24a65ef629a&ttd_puid=4379b834-acfd-4464-9d8d-6c4321267203%2C%2C	95 B 441 B	59ms 59ms	Image image/png	34.111.113.62
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7beaadd-0634-48b6-9804-d24a65ef629a&ttd_puid=4379b834-acfd-4464-9d8d-6c4321267203%2C%2C Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Server 34.111.113.62 -, , ASN (), Reverse DNS Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:07 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7beaadd-0634-48b6-9804-d24a65ef629a&ttd_puid=4379b834-acfd-4464-9d8d-6c4321267203%2C%2C content-type text/html cache-control private,no-cache, must-revalidate content-length 359
GET		info uipglob.semasio.net/pubmatic/1/ Frame 09B5	0 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 09B5 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkYwOUFBNTgtMTUwMy00MkJGLThFMzMtMUU1NzJDNEJEREMy&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 95 B	19ms 4ms	Image image/gif	207.65.33.82
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Server 207.65.33.82 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 09B5 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFV0CV9tqVC9ILlqj6R3vSY&google_cver=1	42 B 301 B	18ms 4ms	Image image/gif	207.65.33.82
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFV0CV9tqVC9ILlqj6R3vSY&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Server 207.65.33.82 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFV0CV9tqVC9ILlqj6R3vSY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame 09B5	43 B 611 B	44ms 4ms	Image image/gif	34.124.209.251
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.124.209.251 -, , ASN (), Reverse DNS Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:07 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Fri, 14 Apr 2023 05:11:07 GMT
GET H2	200	FF09AA58-1503-42BF-8E33-1E572C4BDDC2 pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 09B5	43 B 602 B	20ms 9ms	Image image/gif	2406:da18:929:5a00:fb7d:9678:2a11:d888 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pr-bh.ybp.yahoo.com/sync/pubmatic/FF09AA58-1503-42BF-8E33-1E572C4BDDC2?gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2406:da18:929:5a00:fb7d:9678:2a11:d888 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software ATS / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Security Headers Name Value Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:07 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type image/gif content-length 43
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 09B5 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e7beaadd-0634-48b6-9804-d24a65ef629a&gdpr=0&gdpr_consent=	42 B 278 B	236ms 5ms	Image image/gif	67.199.150.86
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e7beaadd-0634-48b6-9804-d24a65ef629a&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Server 67.199.150.86 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e7beaadd-0634-48b6-9804-d24a65ef629a&gdpr=0&gdpr_consent= content-type text/html cache-control private,no-cache, must-revalidate content-length 355
GET		sync ups.analytics.yahoo.com/ups/58292/ Frame 09B5	0 0
GET		sync pool.admedo.com/ Frame 09B5 Redirect Chain https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e9b38147-c76d-4d7d-8ee0-c36d0a1195f1	0 0
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 09B5 Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO... https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1672469776004660522	42 B 242 B	4ms 4ms	Image image/gif	67.199.150.86
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1672469776004660522 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Server 67.199.150.86 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:06 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1672469776004660522 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 09B5 Redirect Chain https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7868711268366669342&gdpr=0&gdpr_consent=&us_privacy=	1 B 195 B	6ms 4ms	Image text/html	67.199.150.86
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7868711268366669342&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Server 67.199.150.86 -, , ASN (), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT cache-control no-store, no-cache, private server nginx content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7868711268366669342&gdpr=0&gdpr_consent=&us_privacy= pragma no-cache date Sat, 15 Apr 2023 05:11:06 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 09B5 Redirect Chain https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&gdpr=0&gdpr_consent= https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=25b5a8ae7cff2042&is_secure=true&networkId=17100&version=1&nuid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALgkpS9a5izAM52TH9AAAAAAA&expiration=1681621867&nuid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&...	42 B 492 B	215ms 4ms	Image image/gif	67.199.150.86
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALgkpS9a5izAM52TH9AAAAAAA&expiration=1681621867&nuid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&is_secure=true&gdpr_consent=&gdpr=0 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID) Protocol H2 Server 67.199.150.86 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language zh-SG,zh;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Sat, 15 Apr 2023 05:11:07 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Sat, 15 Apr 2023 05:11:07 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALgkpS9a5izAM52TH9AAAAAAA&expiration=1681621867&nuid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&is_secure=true&gdpr_consent=&gdpr=0 cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET		apn ads.playground.xyz/usersync/ Frame 09B5	0 0
GET H2	200	syncframe Show response gum.criteo.com/ Frame 4599	15 KB 6 KB	242ms 85ms	Document text/html	2406:2600:7:100::9
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:7:100::9 -, , ASN (), Reverse DNS Software Kestrel / Resource Hash 117ef3d1ce1e9b17d0c9106d6c753959d0dc1703a290646cd7d2d96edd47e838 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 15 Apr 2023 05:11:07 GMT server Kestrel server-processing-duration-in-ticks 880387 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	publishertag.prebid.123.js Show response static.criteo.net/js/ld/	87 KB 28 KB	14ms 6ms	XHR text/javascript	2406:2600:7:100::1
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.123.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:7:100::1 -, , ASN (), Reverse DNS Software nginx / Resource Hash 3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language zh-SG,zh;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Apr 2023 05:11:07 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 06 Apr 2023 09:31:17 GMT server nginx etag W/"642e9165-15b5c" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 16 Apr 2023 05:11:07 GMT
GET		sid mug.criteo.com/ Frame 4599 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=eiekfnwwek53MVNFTGdDUk9PTzFtWENrWi9CSHhCOG9pTTZmYi9NTmRpdExZU0p6TTJZaHEwTWxzSFlLalV0L0VNakQ4aUVhZVM2RitRYm9ybktGYjFuN1pxbFJwSTRHRG9GeGpSZG1xTEFDVXB1U29ZK00yM1FnQzJFdl...	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sync-tm.everesttech.net

URL

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=

Domain

cm.ambientdsp.com

URL

https://cm.ambientdsp.com/cm/send?vc=pmj

Domain

dis.criteo.com

URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Domain

sync.srv.stackadapt.com

URL

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain

cm-supply-web.gammaplatform.com

URL

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain

gocm.c.appier.net

URL

https://gocm.c.appier.net/pubmatic

Domain

sync-dsp.ad-m.asia

URL

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D

Domain

csync.loopme.me

URL

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Domain

core.iprom.net

URL

https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain

match.deepintent.com

URL

https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=

Domain

sync.crwdcntrl.net

URL

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&gdpr=0&gdpr_consent=

Domain

uipglob.semasio.net

URL

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&sInitiator=external&gdpr=0&gdpr_consent=

Domain

ups.analytics.yahoo.com

URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FF09AA58-1503-42BF-8E33-1E572C4BDDC2&redir=true&gdpr=0&gdpr_consent=

Domain

pool.admedo.com

URL

https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e9b38147-c76d-4d7d-8ee0-c36d0a1195f1

Domain

ads.playground.xyz

URL

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Domain

mug.criteo.com

URL

https://mug.criteo.com/sid?cpp=eiekfnwwek53MVNFTGdDUk9PTzFtWENrWi9CSHhCOG9pTTZmYi9NTmRpdExZU0p6TTJZaHEwTWxzSFlLalV0L0VNakQ4aUVhZVM2RitRYm9ybktGYjFuN1pxbFJwSTRHRG9GeGpSZG1xTEFDVXB1U29ZK00yM1FnQzJFdlNPSHlYeUp5RVY4WDRQSGh4ajhSQVBQejFyNSs5TFNtUWRlcUdGS0xRNGU3QWFlWGNDSDZKTEFrc2NRS1plcHpGT29wM3JzQUpFOEQ2eDY0ZldidnVvYWorb01NR3ArczJDb0Z5UlZnVkQyQTBJT250SXV5ZkJhd0hFSTAzdWlxSEVlUUVYUDY5Ukc1ODFDbkJuWE1CZXJCTUtaNjNDUT09fA&cppv=2