urlscan.io logo urlscan.io
SecurityTrails logo

pastebin.com Open in urlscan Pro
2606:4700:10::ac43:22aa  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://crypto.refund.gift/
Effective URL: https://pastebin.com/aR3KSyku
Submission: On August 30 via api from US — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 12 countries across 81 domains to perform 288 HTTP transactions. The main IP is 2606:4700:10::ac43:22aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is pastebin.com. The Cisco Umbrella rank of the primary domain is 61915.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 17th 2023. Valid for: a year.
This is the only time pastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 95.215.19.22 39287 (ABSTRACT)
19 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
3 52.222.136.109 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
8 46.228.174.115 56396 (AMOBEE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 103.132.192.30 138552 (RTBHOUSE-...)
1 23.218.209.56 16625 (AKAMAI-AS)
3 69.166.1.64 27630 (AS-XFERNET)
14 2606:4700:10:... 13335 (CLOUDFLAR...)
5 185.86.138.122 201081 (SMARTADSE...)
4 13 185.89.210.180 29990 (ASN-APPNEX)
6 18.65.37.219 16509 (AMAZON-02)
32 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:210... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 141.95.33.111 16276 (OVH)
3 3.71.149.231 16509 (AMAZON-02)
1 4 2a02:2638:d::d 44788 (ASN-CRITE...)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 184.30.16.183 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 146.75.118.132 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 184.30.17.67 16625 (AKAMAI-AS)
1 184.30.25.193 16625 (AKAMAI-AS)
2 70.42.32.255 13789 (INTERNAP-...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
1 23.192.153.172 16625 (AKAMAI-AS)
1 77.245.57.72 36057 (WEBAIR-IN...)
11 12 142.250.186.162 15169 (GOOGLE)
7 69.166.1.67 27630 (AS-XFERNET)
1 1 52.54.83.136 14618 (AMAZON-AES)
1 2001:678:cb4:... 56396 (AMOBEE)
2 2 3.120.67.215 16509 (AMAZON-02)
1 1 3.139.248.229 16509 (AMAZON-02)
1 2 34.254.142.64 16509 (AMAZON-02)
2 2 193.0.160.130 54312 (ROCKETFUEL)
5 8 3.127.240.172 16509 (AMAZON-02)
1 4 52.95.126.160 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 159.89.246.130 14061 (DIGITALOC...)
5 15.197.193.217 16509 (AMAZON-02)
3 9 76.223.111.18 16509 (AMAZON-02)
1 2 208.93.169.131 46244 (WEBMD-IDC...)
1 141.95.98.64 16276 (OVH)
1 216.52.2.16 32475 (SINGLEHOP...)
2 2 188.42.34.65 7979 (SERVERS-COM)
1 1 3.215.105.116 14618 (AMAZON-AES)
1 2600:9000:25e... 16509 (AMAZON-02)
1 3.78.17.163 16509 (AMAZON-02)
2 9 185.80.39.216 27381 (CASALE-MEDIA)
2 184.30.16.195 16625 (AKAMAI-AS)
1 51.75.86.98 16276 (OVH)
1 1 46.228.174.117 56396 (AMOBEE)
1 44.194.237.52 14618 (AMAZON-AES)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 35.210.239.72 19527 (GOOGLE-2)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 178.250.7.11 44788 (ASN-CRITE...)
2 198.47.127.19 3257 (GTT-BACKB...)
1 2 52.46.143.56 16509 (AMAZON-02)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
2 2 52.31.195.171 16509 (AMAZON-02)
1 1 141.226.228.48 200478 (TABOOLA-AS)
2 2 2620:116:800d... 16509 (AMAZON-02)
7 185.64.190.80 62713 (AS-PUBMATIC)
4 198.47.127.205 3257 (GTT-BACKB...)
1 2 34.252.126.23 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 44.209.220.96 14618 (AMAZON-AES)
3 4 37.157.6.232 198622 (ADFORM)
1 35.204.158.49 396982 (GOOGLE-CL...)
1 198.47.127.20 ()
1 1 85.114.159.118 ()
1 1 54.160.104.91 ()
1 2 151.101.130.49 ()
1 1 82.145.213.8 ()
1 2606:4700:10:... ()
1 2 77.243.51.122 ()
2 2 15.235.15.221 ()
1 2a02:fa8:8806... ()
1 1 2001:678:cb4:... ()
1 1 188.166.17.21 ()
288 85
1    95.215.19.22 (Finland)

ASN39287 (ABSTRACT, FI)
crypto.refund.gift
19    2606:4700:10::ac43:22aa (United States)

ASN13335 (CLOUDFLARENET, US)
pastebin.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
dsp.vlitag.com
assets.vlitag.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
13    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    52.222.136.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-136-109.ams50.r.cloudfront.net
c.amazon-adsystem.com
3    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
8    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
6    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
1    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
a.teads.tv
3    69.166.1.64 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
14    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
5    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
13    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
ams3-ib.adnxs.com
6    18.65.37.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-37-219.ams1.r.cloudfront.net
aax.amazon-adsystem.com
32    2606:4700:3030::6815:5286 (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
static.vliplatform.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2104:e00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
4    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
3    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
13    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
10    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2606:4700:20::681a:fa7 (United States)

ASN13335 (CLOUDFLARENET, US)
adsystem.pocpoc.io
2    2606:4700:20::681a:ea7 (United States)

ASN13335 (CLOUDFLARENET, US)
px.pocpoc.io
3    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
3    2a02:26f0:3500:1b::1724:a39e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
1    184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com
cdn.adnxs.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4009:827::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    184.30.25.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com
images.outbrainimg.com
2    70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    23.192.153.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-172.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
12    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
7    69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    52.54.83.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-83-136.compute-1.amazonaws.com
nep.advangelists.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    3.120.67.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-67-215.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    3.139.248.229 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-248-229.us-east-2.compute.amazonaws.com
x.videobyte.com
2    34.254.142.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-142-64.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
8    3.127.240.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-240-172.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
5    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
9    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    3.215.105.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-105-116.compute-1.amazonaws.com
ssp.disqus.com
1    2600:9000:25e8:ba00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    3.78.17.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-17-163.eu-central-1.compute.amazonaws.com
match.sharethrough.com
9    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
1    44.194.237.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-237-52.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
2    2a05:d018:d29:3605:f821:c088:dfda:b5f7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
2    52.31.195.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-195-171.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
2    34.252.126.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-126-23.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    44.209.220.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-220-96.compute-1.amazonaws.com
a.audrte.com
4    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    54.160.104.91 (None, )

ASN- ()
sync.srv.stackadapt.com
2    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    2606:4700:10::6816:1957 (None, )

ASN- ()
mwzeom.zeotap.com
2    77.243.51.122 (None, )

ASN- ()
uipglob.semasio.net
2    15.235.15.221 (None, )

ASN- ()
pixel.onaudience.com
1    2a02:fa8:8806:20::2010 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    188.166.17.21 (None, )

ASN- ()
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
32 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 29187
static.vliplatform.com — Cisco Umbrella Rank: 134373
21 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
277 KB
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
111 KB
19 pastebin.com
pastebin.com — Cisco Umbrella Rank: 61915
248 KB
16 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 513
image6.pubmatic.com — Cisco Umbrella Rank: 752
simage2.pubmatic.com — Cisco Umbrella Rank: 794
image2.pubmatic.com — Cisco Umbrella Rank: 895
simage4.pubmatic.com
30 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
cdn.adnxs.com — Cisco Umbrella Rank: 1635
ams3-ib.adnxs.com — Cisco Umbrella Rank: 7587
acdn.adnxs.com — Cisco Umbrella Rank: 578
55 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 327
aax.amazon-adsystem.com — Cisco Umbrella Rank: 404
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
70 KB
14 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 17132
sync.quantumdex.io — Cisco Umbrella Rank: 2704
3 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 405
219 KB
10 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2042
sync.go.sonobi.com — Cisco Umbrella Rank: 929
8 KB
9 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
8 KB
9 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 388
4 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 342
2 KB
8 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19218
creativecdn.com — Cisco Umbrella Rank: 570
2 KB
8 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 787
637 B
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 426
mug.criteo.com — Cisco Umbrella Rank: 2631
dis.criteo.com — Cisco Umbrella Rank: 596
8 KB
7 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 34154
dsp.vlitag.com — Cisco Umbrella Rank: 51422
assets.vlitag.com — Cisco Umbrella Rank: 42935
368 KB
6 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 8647
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
9 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
1 KB
5 outbrain.com
odb.outbrain.com — Cisco Umbrella Rank: 2535
widgets.outbrain.com — Cisco Umbrella Rank: 1569
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6014
20 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 755
id5-sync.com — Cisco Umbrella Rank: 400
29 KB
5 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 11114
2 KB
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3237
c1.adform.net — Cisco Umbrella Rank: 591
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2537
3 KB
4 bing.com
www.bing.com — Cisco Umbrella Rank: 75
c.bing.com — Cisco Umbrella Rank: 236
7 KB
4 pocpoc.io
adsystem.pocpoc.io — Cisco Umbrella Rank: 50804
px.pocpoc.io — Cisco Umbrella Rank: 53038
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
12 KB
2 onaudience.com
pixel.onaudience.com
972 B
2 semasio.net
uipglob.semasio.net
1 KB
2 everesttech.net
sync-tm.everesttech.net
794 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25640
497 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 795
484 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 756
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 564
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1532
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 551
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 812
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 223
2 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1061
1 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1356
ad.turn.com
518 B
2 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2271
log.outbrainimg.com — Cisco Umbrella Rank: 2666
18 KB
2 gstatic.com
fonts.gstatic.com
csi.gstatic.com
34 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
114 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
2 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1471
26 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 zeotap.com
mwzeom.zeotap.com
439 B
1 opera.com
t.adx.opera.com
553 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 adition.com
dsp.adfarm1.adition.com
524 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 791
612 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 998
178 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 22387
244 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4628
239 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
651 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2190
368 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 561
194 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 736
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 558
35 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 753
242 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1334
283 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 659
277 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 936
399 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 2938
280 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 478
304 B
1 videobyte.com
x.videobyte.com — Cisco Umbrella Rank: 3880
231 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2811
184 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1651
160 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 631
451 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1809
545 B
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4491
34 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
13 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1754
437 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1457
378 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
251 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
82 KB
1 refund.gift
crypto.refund.gift
67 B
0 bnmla.com Failed
match.bnmla.com Failed
0 smrtb.com Failed
ssl-market-east.smrtb.com Failed
288 81
Domain Requested by
31 px.vliplatform.com
19 pastebin.com pastebin.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
pastebin.com
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
tpc.googlesyndication.com
13 securepubads.g.doubleclick.net services.vlitag.com
securepubads.g.doubleclick.net
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
12 cm.g.doubleclick.net 11 redirects eb2.3lift.com
10 cdn.ampproject.org bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
10 ib.adnxs.com 4 redirects assets.vlitag.com
acdn.adnxs.com
9 eb2.3lift.com 3 redirects sync.quantumdex.io
eb2.3lift.com
8 x.bidswitch.net 5 redirects eb2.3lift.com
8 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
8 targeting.unrulymedia.com assets.vlitag.com
7 simage2.pubmatic.com ads.pubmatic.com
7 sync.go.sonobi.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 aax.amazon-adsystem.com c.amazon-adsystem.com
6 useast.quantumdex.io assets.vlitag.com
6 prebid-asia.creativecdn.com assets.vlitag.com
5 match.adsrvr.org eb2.3lift.com
ssum-sec.casalemedia.com
ads.pubmatic.com
5 bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 prg-apac.smartadserver.com assets.vlitag.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
4 gum.criteo.com 1 redirects static.criteo.net
assets.vlitag.com
4 id5-sync.com cdn.id5-sync.com
assets.vlitag.com
sync.quantumdex.io
4 services.vlitag.com pastebin.com
services.vlitag.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
3 ams3-ib.adnxs.com bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
cdn.adnxs.com
3 www.bing.com 1 redirects bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
3 www.google.com 2 redirects tpc.googlesyndication.com
3 ups.analytics.yahoo.com connectid.analytics.yahoo.com
ads.pubmatic.com
3 apex.go.sonobi.com assets.vlitag.com
3 cdn.jsdelivr.net assets.vlitag.com
securepubads.g.doubleclick.net
pastebin.com
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 match.prod.bidr.io 2 redirects ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 image6.pubmatic.com ads.pubmatic.com
2 dis.criteo.com 2 redirects
2 pr-bh.ybp.yahoo.com eb2.3lift.com
ads.pubmatic.com
2 ads.pubmatic.com sync.quantumdex.io
ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 bh.contextweb.com 1 redirects
2 creativecdn.com 2 redirects
2 p.rfihub.com 2 redirects
2 dpm.demdex.net 1 redirects
2 rtb.mfadsrvr.com 2 redirects
2 widgets.outbrain.com pastebin.com
2 googleads.g.doubleclick.net bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
2 odb.outbrain.com static.vliplatform.com
2 px.pocpoc.io
2 adsystem.pocpoc.io dsp.vlitag.com
2 www.googletagservices.com pastebin.com
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
2 fonts.googleapis.com bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
2 script.4dex.io assets.vlitag.com
script.4dex.io
2 assets.vlitag.com services.vlitag.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pubmatic-match.dotomi.com
1 mwzeom.zeotap.com
1 t.adx.opera.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 sync.taboola.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 c.bing.com eb2.3lift.com
1 u.ipw.metadsp.co.uk 1 redirects
1 px.ads.linkedin.com eb2.3lift.com
1 cs-server-s2s.yellowblue.io sync.quantumdex.io
1 sync.1rx.io 1 redirects
1 onetag-sys.com sync.quantumdex.io
1 match.sharethrough.com sync.quantumdex.io
1 s.ad.smaato.net sync.quantumdex.io
1 ssp.disqus.com 1 redirects
1 ap.lijit.com sync.quantumdex.io
1 lb.eu-1-id5-sync.com assets.vlitag.com
1 e.serverbid.com
1 us-u.openx.net
1 x.videobyte.com 1 redirects
1 d.turn.com
1 nep.advangelists.com 1 redirects
1 sync.adkernel.com
1 tags.bluekai.com
1 acdn.adnxs.com assets.vlitag.com
1 id.a-mx.com assets.vlitag.com
1 mcdp-nydc1.outbrain.com
1 log.outbrainimg.com
1 images.outbrainimg.com pastebin.com
1 csi.gstatic.com securepubads.g.doubleclick.net
1 static.vliplatform.com dsp.vlitag.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.adnxs.com bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
1 adsdk.microsoft.com bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
1 mug.criteo.com
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cadmus.script.ac script.4dex.io
1 a.teads.tv assets.vlitag.com
1 dsp.vlitag.com services.vlitag.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com pastebin.com
1 crypto.refund.gift 1 redirects
0 match.bnmla.com Failed
0 ssl-market-east.smrtb.com Failed
288 115

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-17 -
2024-05-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
vlitag.com
GTS CA 1P5		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
script.ac
E1		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
*.id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
pocpoc.io
GTS CA 1P5		 2023-07-24 -
2023-10-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-04-07 -
2024-04-01		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.outbrain.com
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
r.bing.com
Microsoft RSA TLS CA 01		 2022-11-15 -
2023-11-15		 a year crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
a-mx.com
E1		 2023-08-27 -
2023-11-25		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.consumableaudio.com
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M01		 2023-07-23 -
2024-08-20		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh

This page contains 33 frames:

Primary Page: https://pastebin.com/aR3KSyku
Frame ID: 002550C5AB1068BEAA2E973E19A8A09B
Requests: 156 HTTP requests in this frame

Frame: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9FB7A9D225639DB3C8E572327D7B276A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastebin.com
Frame ID: 802091DBF7F4A1C13FE0EBBFA5F43BB5
Requests: 2 HTTP requests in this frame

Frame: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 65632063F88E82DEB893A90A4BDFB5BE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Frame ID: DDD154E2CC4BCD6EDBA21538C8206AC7
Requests: 5 HTTP requests in this frame

Frame: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C2C7EE584DB2C3264E73D9AB4F2865E6
Requests: 15 HTTP requests in this frame

Frame: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D642A58FCC3FBCE9749A5E03EDACB899
Requests: 1 HTTP requests in this frame

Frame: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BEBE7607A7E87CB8EDE41AE2983F8C34
Requests: 14 HTTP requests in this frame

Frame: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39F5854D52EBC58EC169909909DD7D35
Requests: 13 HTTP requests in this frame

Frame: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 727DC6D985241F9C01CB1C57F2254C33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0038E2F62CB7DBA2745876BA4EBA9DE7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77ECB0F4C6F316AD38D4F9436242C4CE
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Frame ID: 59E62E5998116B2517AB40F9959F2AE3
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 978C868DC3E7C3C741C65D675186BB94
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: DD7F9161EDCE1DB8659A159E80CD010A
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: C6C6334A0CFD95842B8AAF92D0FF2CCB
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A51678F7803E819035BB8E2D757F5628
Requests: 22 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: B590A6E9DD78BE296869FF84BDA79468
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 1B4AAC6948501331983BD40E04CAD2AE
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: FAF200EDB188CBC24F89260D3ACF35F6
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 3CFAD07D76C090000EFD5A10FB9636E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 97F6F10C676946BC66A1AA68EA1FED30
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 876BAA99222450E0A8BAD4FA8177673E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DK77zVn7qpMX-PqZDK2zmgr5q80XrazNC_8p977w
Frame ID: 5D91474930220614AF5A5EC4CE617430
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F
Frame ID: 2BAD9243BB7C4763F6A4C67FB48B4654
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&gdpr=0&gdpr_consent=
Frame ID: 53DE305107BCC73C01F6A22484C214AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=424240527290892259&gdpr=0&gdpr_consent=
Frame ID: B8847A5ED2BA864BC9845AA5B2E7F402
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273254346710579352&gdpr=0&gdpr_consent=
Frame ID: 06949213D1A19F195A409D6ED94B8AFB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fIJozsKJUHtfNylUxC2Yl7nMAbY&gdpr=0&gdpr_consent=
Frame ID: 0B6DCF9E82A2187FB6A5CB9C14EBAC5F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO-KSwAAAeVJGwA4
Frame ID: 5561D9F95BF7CE0CE260E4A8D4888528
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUad89c3b983ec46c4b8914f44f87a4c0a
Frame ID: 5D0109AE0D7F503A337A558EB5236ED1
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7762118876420507108&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHdvk7J35UAACUX7sfYQQ&pid=558502&do=add&gdpr=0
Frame ID: 57753293D84E0192D03DEE19B69EA9E6
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F
Frame ID: 9B0311A79860D4C6F713460F5660DBEA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Interpol cryptocurrency safety deposit addresses. - Pastebin.com

Page URL History Show full URLs

  1. https://crypto.refund.gift/ HTTP 302
    https://pastebin.com/aR3KSyku Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

288
Requests

84 %
HTTPS

36 %
IPv6

81
Domains

115
Subdomains

85
IPs

12
Countries

1837 kB
Transfer

5430 kB
Size

91
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://crypto.refund.gift/ HTTP 302
    https://pastebin.com/aR3KSyku Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=pastebin.com&sn=ChromeSyncframe&so=0&topUrl=pastebin.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=xiL5N3x4TTY2MGFNY1Q0R1RpdXV2Wks2VklMQW51L1U2TWkwOGk1aVRmMGhjWFJMK0pzM21GM1M1T2k3VXM1T0dvM2hWUGNkRXJ1aEFjcUhCQVh2Q3BYMnFmd3QvUDh2MkU4MS84MjFsT1FXTWVSNjE4eGFtV0dKbW9sUDNWbHdzdTByU2dBVFBoWENaYlRrTHVlMjZ3blBYUHBTcy9IaGh4K0F0MmY2MWNZa0E2dTdXY3lIN3o2QmNVUXNJYW9odHdtbjJiRjRpd2NIbiswZVI2UnYrSTh1aTg3b3YycFpBSFUxU1hOODBDNVpiZWdLbEE2KzRjT0tNT0xFeW03aGplK0trK29oSW5PVENmRnd0a005ZzRUcm1aZz09fA&cppv=2
Request Chain 147
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=624281d0-17a3-406d-8bbe-80a80e9d2900&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=d639f089-3685-4ae9-8b0a-f2939fa00912&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D33e2f0d9b9e54d91a4d4710f5974bbfe%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=6311346564048782338 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=33e2f0d9b9e54d91a4d4710f5974bbfe&SNR=1&GV=2&med=10
Request Chain 175
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 176
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZGExZDc2YjItMThhMS00YzUxLTlkMjMtNTNiYjIyODAyMGU1 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMeRWCRkERveJcGp_0O5qxw&google_cver=1
Request Chain 206
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 209
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=700a05bc-23d8-42c1-98b5-8b83adc400eb
Request Chain 210
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=da1d76b2-18a1-4c51-9d23-53bb228020e5&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=cf8c59de-a379-40d2-a293-c5d9a5bc15b6
Request Chain 211
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=da1d76b2-18a1-4c51-9d23-53bb228020e5 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=da1d76b2-18a1-4c51-9d23-53bb228020e5
Request Chain 212
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084926952608988
Request Chain 213
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=424240527290892259
Request Chain 214
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d23b3493-e95c-4684-8c90-5dfa11688cf5&google_hm=ZDIzYjM0OTMtZTk1Yy00Njg0LThjOTAtNWRmYTExNjg4Y2Y1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDn2P2y_OYZRGBe6MZ8ZY4I&google_cver=1&ssp=sonobi&bsw_param=d23b3493-e95c-4684-8c90-5dfa11688cf5
Request Chain 216
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IZAB1KhSu9MmI8Mf5yra&pi=sonobi&tc=1
Request Chain 222
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=da1d76b2-18a1-4c51-9d23-53bb228020e5&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bkJvZE9FLVdSbVRnbG9IbS1ZMFplUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKoPPM7H_SoDlIIUiZHA2bY&google_cver=1
Request Chain 225
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=3476257367284379616 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b7fe8a0a-186c-52f3-b9b7-907fdd585a37
Request Chain 226
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-cea27d48-e082-3e52-91da-12c4fe24bb16
Request Chain 227
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=424240527290892259
Request Chain 231
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 233
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Request Chain 235
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 240
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDMzNzcyOTUzMDczMjAxNzkyNDk1OA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP2FtfflOPBAS3l9hjK9Zl4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 242
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDMzNzcyOTUzMDczMjAxNzkyNDk1OA%3D%3D
Request Chain 244
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4337729530732017924958&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4337729530732017924958&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=26581def-b290-4fba-a25b-93979ddde889&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=26581def-b290-4fba-a25b-93979ddde889
Request Chain 247
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=b2855a24-9742-468b-b635-9a8abac993bc&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 248
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=424240527290892259&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 250
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO_KSLGSBrnJCrP3qXO8RQAAFDEAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO_KSLGSBrnJCrP3qXO8RQAAFDEAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO_KSLGSBrnJCrP3qXO8RQAAFDEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHi1iOokUd8buoAL4oMjXBA&google_cver=1
Request Chain 252
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZO-KSLGSBrnJCrP3qXO8RQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDO4MrjqYPBWQt8buyYFrk&google_cver=1
Request Chain 254
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Request Chain 255
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHdvk7J35UAACUX7sfYQQ&expiration=1694646088
Request Chain 256
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZO-KSLGSBrnJCrP3qXO8RQAA%265169&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8b5de979-58cf-49a3-b1c5-11305f147971-tuctbe94fc8
Request Chain 257
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=su6g2ue78YSpuPCMsu7ojLS89omp7_OPvezTlj8r
Request Chain 259
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 260
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 261
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DK77zVn7qpMX-PqZDK2zmgr5q80XrazNC_8p977w
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Lx-khuqRja__Wsnlxvgjw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 265
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=416317473
Request Chain 266
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aWdla2c5NHQtenZTd2lQUGdpemlLTFNZUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8656571498206142987&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkNCQzdFOTItMUJBQS00NjM2LUJGRkQtNkIyNzk3MUJFMDhG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH8VRbqsYTXAnvti_3Yxmoo&google_cver=1
Request Chain 271
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8656571498206142987
Request Chain 278
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=424240527290892259&gdpr=0&gdpr_consent=
Request Chain 279
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273254346710579352&gdpr=0&gdpr_consent=
Request Chain 280
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fIJozsKJUHtfNylUxC2Yl7nMAbY&gdpr=0&gdpr_consent=
Request Chain 281
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO-KSwAAAeVJGwA4
Request Chain 282
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUad89c3b983ec46c4b8914f44f87a4c0a
Request Chain 283
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIZHZrN0ozNVVBQUNVWDdzZllRUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAHdvk7J35UAACUX7sfYQQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7762118876420507108&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAHdvk7J35UAACUX7sfYQQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7762118876420507108%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7762118876420507108&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHdvk7J35UAACUX7sfYQQ&pid=558502&do=add&gdpr=0
Request Chain 286
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 287
  • https://pixel.onaudience.com/?partner=214&mapped=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d5079c8d1e37a0bd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 288
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084926952608988&expires=30&ssp=pubmatic
Request Chain 290
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4457718765592940340&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 291
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9368e341-7280-482d-80a4-39648b4fe900&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

288 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request aR3KSyku
pastebin.com/
Redirect Chain
  • https://crypto.refund.gift/
  • https://pastebin.com/aR3KSyku
21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83663508e7a30ec49d105e45cd74305f82fbcf2e11c4be1d67093e0fa010498c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ff0a7c26b87d97f-HEL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 23:01:23 GMT
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1;mode=block

Redirect headers

content-length
0
date
Wed, 30 Aug 2023 23:01:22 GMT
location
https://pastebin.com/aR3KSyku
js
www.googletagmanager.com/gtag/ 		236 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S72LBY47R8
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
705d4c9f7c4f6624847b955adacc53eabf960fc8b1d0d1a9659973df8eea9250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83526
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 23:01:23 GMT
bootstrap.min.css
pastebin.com/assets/c80611c4/css/ 		119 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/c80611c4/css/bootstrap.min.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Feb 2019 15:55:38 GMT
server
cloudflare
age
1424
etag
W/"5c643dfa-1da71"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ff0a7c3cd4cd97f-HEL
bootstrap-tagsinput.css
pastebin.com/assets/72fc434d/dist/ 		1 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.css
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff466857c3492bc9b5c0bfeaef7797f107581a0c387ff6e1ac3314e2b084a40

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 27 Jul 2014 12:27:42 GMT
server
cloudflare
age
1424
etag
W/"53d4f03e-431"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ff0a7c3cd4fd97f-HEL
vendors.bundle.css
pastebin.com/themes/pastebin/css/ 		1010 B
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/themes/pastebin/css/vendors.bundle.css?30d6ece6979ee0cf5531
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d790d8d644d85ba75095d8bce6dc947331745cf9fe0187d7b564505ffd41e53

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
252
etag
W/"64a67d98-3f2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ff0a7c3cd50d97f-HEL
app.bundle.css
pastebin.com/themes/pastebin/css/ 		132 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e602bf5cbc6b2715d4cb4d1d17414b038387f971de019e2791d55e8bf23059e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
6603
etag
W/"64a67d98-210f9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ff0a7c3cd51d97f-HEL
/
services.vlitag.com/adv1/ 		577 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbd608af559af404e04c35ac75d74c4a1af00e368f44fc3ac5d49cc6c5b3ab1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
873
cf-polished
origSize=590566
etag
W/"adf050ece17b957604b4bbfc1829059f 2023-08-29T10:39:46 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7c4bfa9df68-HEL
alt-svc
h3=":443"; ma=86400
text.css
pastebin.com/themes/pastebin/css/geshi/light/ 		706 B
424 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/themes/pastebin/css/geshi/light/text.css?694707f98000ed24d865
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
5509
etag
W/"64a67d98-2c2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ff0a7c3cd52d97f-HEL
guest.png
pastebin.com/themes/pastebin/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/guest.png
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
102
etag
"64a67d98-480"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ff0a7c42dddd97f-HEL
content-length
1152
hello.webp
pastebin.com/themes/pastebin/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/hello.webp
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e1bf559a0ff2b782db1ed3d774b6bf1379c4cfef4fbca73cf0d046da0b27c18

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
4870
etag
"64a67d98-a06"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ff0a7c42dded97f-HEL
content-length
2566
jquery.min.js
pastebin.com/assets/9ce1885/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/9ce1885/jquery.min.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 22:50:46 GMT
server
cloudflare
age
1424
etag
W/"5eb09c46-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7ff0a7c41dbad97f-HEL
yii.js
pastebin.com/assets/f04f76b8/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/f04f76b8/yii.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Jul 2020 21:45:32 GMT
server
cloudflare
age
1025
etag
W/"5f04ecfc-51c6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7ff0a7c42dd6d97f-HEL
bootstrap-tagsinput.js
pastebin.com/assets/72fc434d/dist/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a31fb51092b5be28b0d96e4b8a6a39c6cfe0dcd6ece71604fdc1feb505d074

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 27 Jul 2014 12:27:42 GMT
server
cloudflare
age
5739
etag
W/"53d4f03e-4ae1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7ff0a7c42dd9d97f-HEL
vendors.bundle.js
pastebin.com/themes/pastebin/js/ 		212 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/themes/pastebin/js/vendors.bundle.js?30d6ece6979ee0cf5531
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f6780a679f814dde634d3c40c0cf83ff72c1d92f679e9264f2badf04e504a3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
3808
etag
W/"64a67d98-35083"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7ff0a7c42ddbd97f-HEL
app.bundle.js
pastebin.com/themes/pastebin/js/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/themes/pastebin/js/app.bundle.js?30d6ece6979ee0cf5531
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
441f4b2c8ce22e54955155f09aca309ceb06fbb62e9fcbc77ae5a3f92cd543c3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/aR3KSyku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
5612
etag
W/"64a67d98-9325"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
7ff0a7c42ddcd97f-HEL
pastebin_logo_side_outline_support_ukraine.webp
pastebin.com/themes/pastebin/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/pastebin_logo_side_outline_support_ukraine.webp
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8774dde16f1ae45a9125b8689f96cf18a14207ae1d31ba4e584a2ce95f94e041

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
7064
etag
"64a67d98-25aa"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ff0a7c42de5d97f-HEL
content-length
9642
spritesheet.webp
pastebin.com/themes/pastebin/sprite/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/sprite/spritesheet.webp
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7aee5871211604e24ffbaf5cc5d2c3f3e737be1362e829cd75250aef1e939a5

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
6603
etag
"64a67d98-b7d8"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ff0a7c42de7d97f-HEL
content-length
47064
info.png
pastebin.com/themes/pastebin/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/info.png
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
6603
etag
"64a67d98-68c"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ff0a7c42debd97f-HEL
content-length
1676
linebg.png
pastebin.com/themes/pastebin/img/ 		375 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/linebg.png
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
2729
etag
"64a67d98-177"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ff0a7c45e3bd97f-HEL
content-length
375
close_promo.png
pastebin.com/themes/pastebin/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastebin.com/themes/pastebin/img/close_promo.png
Requested by
Host: pastebin.com
URL: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 08:38:48 GMT
server
cloudflare
age
3808
etag
"64a67d98-594"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ff0a7c45e3fd97f-HEL
content-length
1428
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
adf050ece17b957604b4bbfc1829059f.json
services.vlitag.com/cli/ 		42 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/cli/adf050ece17b957604b4bbfc1829059f.json?hn=https://pastebin.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06abb80cbaf1071aecf372afa599f62f2fb0447efe6a74a1d5a18ce90d21f06

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:23 GMT
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7c6ead1d967-HEL
content-length
42
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Jan 1990 00:00:00 GMT
check-last-posts
pastebin.com/site/ 		2 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pastebin.com/site/check-last-posts?k=0&d=0
Requested by
Host: pastebin.com
URL: https://pastebin.com/assets/9ce1885/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:22aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Accept
*/*
Referer
https://pastebin.com/aR3KSyku
X-CSRF-Token
cWFmsEIrtjUQdDklCtxljnMHXdTkDmLRROVekdYE_oALMT_TLU-OcFgQZk1NiVDDFXIap4w6AZYAtRPI4FzL0g==
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
application/json; charset=UTF-8
cf-ray
7ff0a7c6b9a9d97f-HEL
x-xss-protection
1;mode=block
collect
www.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-S72LBY47R8&gtm=45je38s0&_p=1223903291&cid=521790050.1693436484&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693436483&sct=1&seg=0&dl=https%3A%2F%2Fpastebin.com%2FaR3KSyku&dt=Interpol%20cryptocurrency%20safety%20deposit%20addresses.%20-%20Pastebin.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S72LBY47R8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vl.json
services.vlitag.com/vld/1693383545/ 		13 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/vld/1693383545/vl.json?page_url=https%3A%2F%2Fpastebin.com%2FaR3KSyku
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 10:50:52 GMT
server
cloudflare
age
43831
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7c81e434c8d-HEL
content-length
13
alt-svc
h3=":443"; ma=86400
adf050ece17b957604b4bbfc1829059f.json
services.vlitag.com/obj/1693383545/ 		44 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/obj/1693383545/adf050ece17b957604b4bbfc1829059f.json?cc=FI&hn=https://pastebin.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18eae1725625fae05d69d9ec843ea6bcdbb7ceef86d4cb26bd117d1dfeed0cce

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 08:19:18 GMT
server
cloudflare
age
52925
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7c81e454c8d-HEL
alt-svc
h3=":443"; ma=86400
adtag.js
dsp.vlitag.com/js/v1/ 		101 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.vlitag.com/js/v1/adtag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0445a6eeac22daf4096fb8c0d53b36a26a9e78b2a0295b0f4305aedaa40808d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
49
cf-polished
origSize=103836
etag
W/"2023-08-29T05:32:38"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7c86c9edf68-HEL
alt-svc
h3=":443"; ma=86400
prebid-7.48.0.js
assets.vlitag.com/prebid/default/ 		561 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 08 May 2023 07:36:47 GMT
server
cloudflare
age
1090776
cf-polished
origSize=575587
etag
W/"6458a68f-8c863"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
7ff0a7c87caadf68-HEL
alt-svc
h3=":443"; ma=86400
expires
Fri, 18 Aug 2023 08:31:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5714fa5a5c32c8021aa597e7469488a8d0f726fff911b73504a777187d2dc66f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29497
x-xss-protection
0
server
cafe
etag
346 / 19599 / 31077496 / config-hash: 84481720011948115
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 23:01:24 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
age
1090775
etag
W/"5dbbbcf2-9806"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
7ff0a7c87ca8df68-HEL
alt-svc
h3=":443"; ma=86400
expires
Fri, 18 Aug 2023 08:31:47 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=adf050ece17b957604b4bbfc1829059f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-136-109.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:10:26 GMT
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 ac979e099d122e39d3a8fac95688a69a.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 18:15:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS50-C1
age
3059
x-amz-server-side-encryption
AES256
etag
W/"bfd42dc650471371e7b049251fcaca58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
EXPTZh-y4cNWDgZoSZ_-ROBeQ4ifFhC7CdoVsfEFS94ZKL9G6IeXnw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-136-109.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 dbd13e5e9621f4e45e6a452ed9862bf0.cloudfront.net (CloudFront)
date
Wed, 30 Aug 2023 08:31:32 GMT
x-amz-cf-pop
AMS50-C1
age
52242
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
hjHo5HbcAJRHMxH9M3CoLb_7Nbv2iEMI2367m8GJ8LjyDhqGPERU6A==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/ 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c81f14e2bb3209ad75981c1843043f0a465d4c090f2313d0aa5398a7767ca9ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
570
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129468
x-xss-protection
0
server
cafe
etag
3806458570195517322
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 29 Aug 2024 22:51:54 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpastebin.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-136-109.ams50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:42:30 GMT
via
1.1 ac979e099d122e39d3a8fac95688a69a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS50-C1
age
11934
x-cache
Hit from cloudfront
access-control-allow-origin
https://pastebin.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
jINck5B0neYjewzTdQlsFdk8roVAgLEb7FWjZ6uVf-iMLFjuNa4EsQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230831
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8b342822ef1fa6a4a38d2d7921508eba2f06150762e3536a9949d8d7cf7b3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25235
x-jsd-version
1.0.1798
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"639-rr6+Inso7vLfgcaPzGHI9pMLd00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91mXuSs9lKsBhHv2jNMRRGn81fHZMjyXQblitlOIH35FiMQ3YegwJ7k2WjtNhkC9%2FkqBJH237liCusWynQPjgVqoS9wCO%2BIyToHo6RzNVEVvb7mZMxOVOUFlfdZXA9%2BueL%2FmrIwEyYDVjYWSsa4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ff0a7cc29a63767-HEL
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pastebin.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 30 Aug 2023 23:01:24 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pastebin.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 30 Aug 2023 23:01:24 GMT
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 23:01:24 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1681329
ETag
W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlHp5IBfCkvTC1ZaC4ihjtC2ADwABsfveft6QjrK2KdRSqxZYRlrFtqXTVRk2WBGK%2BO7vwDvQQAnfGcPbQ3HeevNWmAlRD%2Bm5UwmbaLV3hw5ip5EpChB5n3gErCEAa%2BspzWtccLLB8qU03Hq"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7ff0a7cced074e1b-HEL
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid-request
a.teads.tv/hb/ 		16 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastebin.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 30 Aug 2023 23:01:24 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pastebin.com
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pastebin.com
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2294e26e50a02a8%22%3A%22ab125220a3333b88e772%7C410x231%7Cf%3D0.01%2Cc%3Dv%2C%22%2C%2210f9f200fff8fbd%22%3A%22f92c2d3e59016342889a%7C640x480%7Cf%3D0.01%2Cc%3Dv%2C%22%2C%2211663e5fa3d5c3%22%3A%22d398e3afd25fd75bf33c%7C320x480%2C336x280%2C300x250%7Cf%3D0.01%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fpastebin.com%2FaR3KSyku&s=bf9e3e2a-f84e-4400-9ae2-af50a7dcd00c&pv=bab23176-4fab-4a1d-9b05-b135ac564b37&vp=desktop&lib_name=prebid&lib_v=7.48.0&us=0&iqid=%7B%22pcid%22%3A%2211a22b84-3959-4d23-af44-e49a8b6bafd1%22%2C%22pcidDate%22%3A1693436484475%7D&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22pastebin.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22pastebin.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fpastebin.com%2FaR3KSyku%22%2C%22name%22%3A%22pastebin.com%22%2C%22ref%22%3A%22%22%2C%22privacypolicy%22%3A0%2C%22mobile%22%3A0%7D%2C%22user%22%3A%7B%22gender%22%3A%22O%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubpower.io%22%2C%22sid%22%3A%22888%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pastebin.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22pwatevib_xon210.3430483887%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22stype%22%3A%22ppuid%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220d14102b-9a50-422c-82ce-9993c0cb38ab%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d12843580d3c46c9238c6fcb5ebeade90efc3b794562c14398dd544997e0bbef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1230
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:24 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7cceec94c7f-HEL
access-control-allow-methods
POST, GET
v1
prg-apac.smartadserver.com/prebid/ 		171 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastebin.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastebin.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		171 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastebin.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5e2289a18eea3d5f113620a2de810b5cabda17664e82c4a27f39be7c038bd479
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
an-x-request-uuid
99ec64e1-7105-4918-9c90-fb3ee1120f0a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
379
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FaR3KSyku&pid=7kXSaKAEK3phP&cb=0&ws=1600x1200&v=23.821.1806&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_1282598651_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A98651%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
QBW06MRSK0N5HB9WRCTV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wTgy9kOEmzoJQKPrZ_INJe0AqNvrORFlJ-hKHHeuvrvq5bT_2IoE9g==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNaMUZTRzdNMrTYMyeT-rrYe-PZTB-wKMM-MPtMqPTaBaUMRlmNBBUbPMARdzNwqfftkRqxeNco_TYMYZaMUZT_wqfftkRwkjNAR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNkzwigxlt,ztqrl,lgfgwo,jxqfzxdrtb,ldqkzqrltkctk,gyzdtroqRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9aRDGIP4cV%2FNoxg7e4RRVH1tFclqMgCGSHXgvYXfOl4TvTDR%2BDkAwoBehk4gHPLcTW1R0kn2L5K%2FzFj7y9PHcH%2FD2wSPfhHMySexmLCLt8iTO9caUaL6TbNmS9avJ%2Bg5uAUCdZrRREXZU285zyQlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd2f094c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNaMUZTRzdNZrMrrYTw-YBAA-PAaK-aawq-qBtewBKyUTYqRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_TYMYZaMUZT_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPTAbYBTRwlNxfkxsn,lgfgwo,ldqkzqrltkctk,gyzdtroqRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuwtO%2B5EOg80m%2BlN3sx0YvKJabGp5KlwKhO2GJqQnS1P6SaOl4EoBPM%2FjD7hidLxkyFaH29amuA7MqNdDNsqpihvPDeh6aA6jl6EiVhZGx8tjH35QZFSVQiikM5WwICeB0DyLEIy%2BZr1aVLtHhbBKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd2f0b4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNaMUZTRzdNyeBBeBKM-KaAt-PMYw-aUBt-UatryKZBtZaARlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_TYMYZaMUZT_oflzktqdRwkjNAR_yszuNyqsltRkjmNUPAbPMARwlNxfkxsn,lgfgwo,ldqkzqrltkctk,gyzdtroqRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMK3MqIeV27EqO2H1ZK3b30zEIjhKwbFh%2BR5h60UtqTdZw5paPXofDjMnd0vwYIS%2FO%2Fjen%2Fo0FMWnlNjmmGazzy2%2FE4WG%2FDFnNnYaGskkRhwOxqc9TM%2Bl%2B4NGzivbyf4YtMiyrqunO6VXbRPA7zfDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd2f0c4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNMYtZZAZB-eAPr-PUAU-aMPy-YqBMTyyArUtARdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNTRmNaMUZTRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOmdIBHkSIwIp%2Be5jqRqClh75MBaz%2BojPFvtIjAVZN2Xrfkql5zw1cL1IDvCgEecUzT%2FCtMHcC1phUFcF8s0qWT1R6TbRnsYqxX7mg54q7Wg08WQPi9PWnAvAXgDsfWw4a%2F%2B9fkmaQ%2Fg8nD0MWTkLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd2f0d4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNrYYUMAKY-MMYq-PPYq-qAqa-AaAUyAAyMUywRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNTRmNaMUZTRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiffNvIdRoG1H9BcOGB%2B1wbzPFR%2F2O8Uku71L2idxDxg0aTc5JlrNb%2B%2FxE7%2BGS0EeyOzDz9vdBkfFHY2tddz58UNTXxz3r4xAsFdYqOsPO92580xa1KKlkrDC4Rnh%2FsdWTMIZAVtwlFqalG4mQuMEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd2f0e4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:24 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7cceecb4c7f-HEL
access-control-allow-methods
POST, GET
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FaR3KSyku&pid=7kXSaKAEK3phP&cb=1&ws=1600x1200&v=23.821.1806&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282550013_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A50013%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_1282550013_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A50013%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
YAP68MHMSGD834JRM48V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
T48MAawAWUmWT7ztWAbDwGzs0hcdazfzh8Ut3IeszR8uWXjrSvXxWg==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAATBRzdNTqZZarwe-qeyM-PTMB-wtAU-YrMwZPBteAtyRlmNaKAbaARdzNwqfftkRqxeNco_TYMYZZAATB_KRwkjNAR_yszuNyqsltRkjmNaKAbaARwlNjxqfzxdrtb,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDE45CgRzcZfsiRS3k5O6gU5ptI3TFnsBaPZ%2BzVGs68xMU%2FRoOksVnxy9cnyWJcIm27ak5RsNh7du0ULMTq7BVmZaDQme6AIIzgmbcaTyKiInlF19dpyei7gnGidMBxNk62vlNnuDGeR%2BYivBoLz%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd2f114c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAATBRzdNKMTeePrZ-rrqK-PKeA-MwBr-qyrZKZUPtABTRlmNKYMbaARdzNwqfftkRqxeNco_TYMYZZAATB_MRwkjNAR_yszuNyqsltRkjmNKYMbaARwlNjxqfzxdrtb,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wj96S49812wdcDaMo4kPR6oD7D5E3Ugg%2FkysOodp29RKT3I92JJkt%2BAQC2zBum%2BCgv10%2BdWQtvYHT5ybVZaEG%2Be5bIVvMBLVs48tOt3y6HnsP6PCpPjXHBxRzzOE6z%2FqNvkLL9gGa21VMqPgCT3BBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f3e4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNAAYKtMPU-KtUY-PUMa-MyTP-yPerKTTZwKKARdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNZAATBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jmu2XaBieZA3CHQHm%2FKNXSPRUUq2Jbmm4h2pQ2qm5e8iOxU8loTvfbcwJ93wYLKXW1OSrZNTAEjGAAdOMCf%2BYJ1ExtvXVJAwi%2FT6O3OmoBXG%2FhFnYSfwHxDenr7S6yZorG8jp%2BLzEMXvXhaf4dzOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f404c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNartAerTw-Ytqy-PttZ-qPMa-YywePBqUtZMaRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNZAATBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c33Rj8oQW3uP2B7V9SE69DLRqRhraniE36EWpy%2BdKpSyICsuP6YTpPhOWva15lp2GYvKQG7mMhIP7AunEOuVUbX4M9Mx8OBuuOMq5Vh5gjdHyho7nAJ6xu7KfgRAAcx6P%2FypQZmR1%2BvS%2FLaIY6wW5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f4b4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:24 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7cceecc4c7f-HEL
access-control-allow-methods
POST, GET
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		144 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7cc2ea3e7a0c3454ef0a765a4b78df2281ecd2a5bc5b6ba8a10b1f4191878a0e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
an-x-request-uuid
9bd15820-f0c9-4949-9394-8ade78bb1b87
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FaR3KSyku&pid=7kXSaKAEK3phP&cb=2&ws=1600x1200&v=23.821.1806&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282577474_1%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A77474%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
9KXV4W5HP1ZQMWKHJVHR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
uqcUEoUxwRxqZ9330AJV4ct9N__-079Kxg7WuvxhwnTkZC_HG3sJ7A==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNKKPKPRzdNYZyPBaUw-yAeM-PteP-wBwK-eyMPwUKawwrMRlmNaKAbaARdzNwqfftkRqxeNco_TYMYZKKPKP_TRwkjNAR_yszuNyqsltRkjmNaKAbaA,KYMbaA,PUMbUARwlNjxqfzxdrtb,kzwigxlt,gyzdtroqRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hP2eG6WSsCwU0uo6IZ4BqGfTDcoDK%2FzrlOTnN4eAGbJXr3DH%2BGIumN%2FOz18d9KvQ0Zf8xW645cmLXq6a4NATR7aphmIFc%2FJdajyVUuWktA3fFH0K8cu1xg6mDM07vEjVHAz9LHKhWzom1PSTCnJG7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f4c4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNtByKreTY-eTqt-PeKw-wara-BTMYTTKMwMYYRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNTRmNKKPKPRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YplwExdUdKUXV24EsVpeZPW7Ha3PEXQBVDBpKLFBAtEYtRBjxRwtx7SVOpqPvlvC7hFdS99JO4a8OURXSEhyrynuvwN%2BzaVc6PkRzhHjBfPFPRrUPe%2Beju%2BR%2Frbkfq9sw5K231hql1OUpaKW0%2B06Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f4e4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:24 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7cceecd4c7f-HEL
access-control-allow-methods
POST, GET
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FaR3KSyku&pid=7kXSaKAEK3phP&cb=3&ws=1600x1200&v=23.821.1806&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282550010_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A50010%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
57GD07GQ6QR5GMW4SG0M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
7VeYWibd0F4uNhynPLzt58hVSPN9UZwfiNlbA3RLqyqVm3xNNddcyg==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAATARzdNMYUAZTqq-TwMT-PeTY-wZKB-UawYZyyeKqKqRlmNaKAbYZARdzNwqfftkRqxeNco_TYMYZZAATA_TRwkjNAR_yszuNyqsltRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARwlNkzwigxlt,jxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFF3H4ot0T3IKPxNhQdu585iHgtNj%2BqIE4wJkjjDeZ2FdFrHRCC%2F9FlH1ovz2iZiif6EK2eN3C9XXE89zYKkcdHOqvqCds1ell3nipb33BGvXfsrUdU2xjAHVLkZX9RMavS1bYFSJRLMy82zW3ggMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f4f4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNZAATARzdNaetarPKZ-aKBt-PYUK-wwPq-ZTMUwUtZABAaRlmNPPZbYZARdzNcortg%20gxzlzktqdRqxeNco_TYMYZZAATA_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPPZbYZARwlNjxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhlN%2B907tTQTFcTLEN7iZJL5l5Xbo2hB%2BMXkw6ADFqjC1Lk%2B%2F6kA79sxsWsQLAP02v9bntepKdws7zI62Fq1d3D0ZOh87tjdgqGe8Sm%2FjK4L%2BZzUdwcXXdbXToJV%2B3TkF36A8GIT8UOrRlq9i%2F9ixQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f504c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNMTZBqYtw-tAty-PTtZ-MPqZ-AtAqrMKBweteRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNTRmNZAATARleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qG7QtNjLkmiULioN%2BBwy6Y%2BCQU%2FqnN64pAYXhWfYmT9KR7J1Xex2FyZgV9Ufy0elsK%2FziRmu00AdJQdUX1Mlw%2FLma6xJ8Fe8gtJDdJeVRVNsb6bYRwN%2FYcSWJiJJQ6TuIkfcIOmUZ6YY7ysXxRjk2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f524c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FaR3KSyku&pid=7kXSaKAEK3phP&cb=4&ws=1600x1200&v=23.821.1806&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282578983_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22250x250%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A78983%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
DFF4652KCGFJGSD1RWYE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
v_waA2uoq0PMlD4TKKmiT4mwMxXllC0N2COpCoyJmHYM7p8lWVQ3OA==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNqrqwyUeM-KyPU-PePK-qYKA-qTaAAMKwrZPtRdzNwqfftkRlmNBAAbUAARwlNqdqmgfRkjmNBAAbUAA,BAAbYZA,YZAbYZA,TUAbUAA,TYAbUAARrdzNqdqmgfRwkjNARmNKMaMBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnL9kqp8zhm6zTETY8%2FFVsB0G904GvCZNMog3IkW8ZJobMeCbZipl1sCqvgXNMdm0%2BSFl53Lqs%2BW0XDAKrqytDAjr448DKla2pMDGEJ3ncNYM7Zyn9tb%2FSmRxjSijlm6T6loPUNkG6K3x7UPdgI6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f544c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastebin.com%2FaR3KSyku&pid=7kXSaKAEK3phP&cb=5&ws=1600x1200&v=23.821.1806&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1282567605_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A67605%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C888%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
4PXR1BC1174BGE31Q7EY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
LDFsl1KHeWtxLeVDA05lxnCDvHe731kLjLcNoFifQLeyqeSjq120QQ==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNqeZaMwaZ-YtUq-PKya-MZet-raTZBAZryqAKRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNUKUAZRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c%2BGmVCk2HOxmfnQ29hM3imoCTkwTRkN%2FHMjFBkA9VcCdu9pOH1q%2FYYgDNnNH8SA0yTZ27lZ6wNMChfOmKGjeZXSnCZFFXr5IjZrMlpbb2ECA0YLqKWBme7cqpqA3CJuBr526uCbFEXEYPga2%2B1atg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7cd4f554c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:24 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
7ff0a7cdecc5d916-HEL
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 23:01:24 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1681323
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
Server
cloudflare
ETag
W/"9d36e722f929b1726cf2a9cba00af489"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FmR1Ybfu1p66S5yWfZ4X%2BBj85%2B6%2B9YSDiAUGcRS0Iet8p4P5tim6QCFffdKqfqjIIiN4tEYOFWp9vwLjwc7ruf7nOKws234tUDlx%2BdEeE6ClMSIz4VDQ83KSBk9CK7rugHSTZPwMMGZfMNG"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7ff0a7cddb3e4c79-HEL
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pastebin.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 30 Aug 2023 23:01:25 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
trinity.json
apex.go.sonobi.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2242695016cca82f2%22%3A%2266dc993edc2988c2a046%7C300x168%7Cf%3D0.01%2Cc%3Dv%2C%22%7D&ref=https%3A%2F%2Fpastebin.com%2FaR3KSyku&s=e52c743d-6738-4b11-8a5d-23b1693cc1f6&pv=bab23176-4fab-4a1d-9b05-b135ac564b37&vp=desktop&lib_name=prebid&lib_v=7.48.0&us=0&iqid=%7B%22pcid%22%3A%2211a22b84-3959-4d23-af44-e49a8b6bafd1%22%2C%22pcidDate%22%3A1693436484475%7D&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22pastebin.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22pastebin.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fpastebin.com%2FaR3KSyku%22%2C%22name%22%3A%22pastebin.com%22%2C%22ref%22%3A%22%22%2C%22privacypolicy%22%3A0%2C%22mobile%22%3A0%7D%2C%22user%22%3A%7B%22gender%22%3A%22O%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubpower.io%22%2C%22sid%22%3A%22888%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pastebin.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22pwatevib_xon210.3430483887%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22stype%22%3A%22ppuid%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220d14102b-9a50-422c-82ce-9993c0cb38ab%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
0c5838b2fb18c10eeacf99b5ad4dd7e7f582e30fffb85b60396fd57ded32c099
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1079
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1dbdedbe9f4296e295c5293ffe154fd7a1d66b1a6df7362c57b4e25fe0e32683
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:25 GMT
an-x-request-uuid
a6e9d5ca-130e-4520-b5b6-09f103d4478d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
261
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pastebin.com
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:25 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastebin.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:25 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7d05a894c7f-HEL
access-control-allow-methods
POST, GET
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNKMaMBRzdNZtrUAtTZ-PBBP-PrTA-MBaZ-qyPyeMtUKaBPRlmNBAAbUAARdzNwqfftkRqxeNco_TYMYZKMaMB_TRwkjNTR_yszuNyqsltRkjmNBAAbUAA,BAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,TUAbUAA,TYAbUAARwlNkzwigxlt,gyzdtroq,jxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPub2%2F2IkDnq4vcxTsxLO%2FPRuh8l%2BliwS1H91qIEGDmEEH4rxFcEQGEyXVAPXrJhtMYLkLy4Kd7tG9HEHsDpNC1g0bjpSFbFhB6xDss64SDhxXw%2FD2eZZNtL4I7jC8OaqZQ86td%2Fap3Ro1l3OS3KUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d06afd4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNKMaMBRzdNUaZwUZTa-ZtBt-PrPe-MtqT-ewBaUUZTKYrqRlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_TYMYZKMaMB_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNBAAbTUMRwlNlgfgwo,gyzdtroq,xfkxsn,ldqkzqrltkctk,jxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2h9k0iPf00Kvo72Zym%2FTmwJIrmR4yt5iFp4lBymKzwJl5180v1Z2LDVFtySoK0bnsL6qvB8d4gjlk2E67CfHQeNTrr7Ol%2B3sGqGSLE2RnmgjS8ZLoDo%2BX2unq%2BZRcfSR8cOCVFLd1nuD0%2BX%2BW%2BIhKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d06afe4c87-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23667
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvVlV5%2B7wexTJT%2F%2FVktTg4Cjdo9o7Qa47M4MD026bkD78QENR%2BUnaqxU%2FMVRdVpg0BpNor3kXxhHitB4S79AUT8ngyB87L9MCW7uPzZXDySV05PY4senMbVwjBStNHbCd%2FaVPGxLoarVSRkY%2BCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ff0a7d0c94dd90e-HEL
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
FMD5XQGCJEJ2G1MF
age
2243
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ff0a7d10f444c79-HEL
x-amz-id-2
sHj3XSUcecw8AvI5wNonc7WdZgBkjiCxZecsy11TnZgCGXUcgk+Y+qmotJ2IxTZzXDnWx2enroU=
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 23:01:25 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:e00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5531a7467f0e324959b8c056c8ada8709116598b07d560936ff787ad7d5818b
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:11:30 GMT
via
1.1 e13e8f228afcbd0862f27c6ebd714878.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
AMS1-C1
age
2996
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7504
x-amz-expiration
expiry-date="Mon, 31 Jul 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Mon, 31 Jul 2023 15:05:44 GMT
server
AmazonS3
etag
"831ad85cf4ef2e916bda07dc20b4cc5d"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
IepVqMjTFTsj8eC5V5j6N3Y4QUDFI9YzO5DqJv5guBaOdURqoLKoyw==
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=881737239288560&correlator=687627936052075&eid=31077496%2C44782498%2C31068825&output=ldjh&gdfp_req=1&vrg=202308280101&ptt=17&impl=fifs&iu_parts=22653346938%2Cpastebin.com_vli98651&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fsfs=1&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693436485174&lmt=1693425685&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastebin.com%2FaR3KSyku&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=521790050.1693436484&ga_sid=1693436485&ga_hid=1223903291&ga_fc=true&dlt=1693436483123&idt=1526&prev_scp=vli_adslot%3D98651%26vli_acc%3Dvli_24%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_1282598651_banner%26pw_tagid%3D98651%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dpastebin.com&adks=3376066252&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47c359fa4ca682753ad454534137b378a07a44fea8530ed97b2661e4fc50ac6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16957
x-xss-protection
0
google-lineitem-id
6000084849
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138390666271
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNyAwZrKZA-qqMq-Pewe-artM-KtAytATZrreKRdzNwqfftkRwlNcso_YPRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNaMUZTRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvCj6ZLj2mfEWA6Wy6HwV3Gu8hZrNs%2FiQjhZVnE9PYHozhx%2FrKNpAKvqxKTK5hcwUrev0YTzh2iH5cBcQwKdxghIdiSMhOoYmoXYClw%2FyEiL4ML5kPDkVLrkzz1JSscGEQbMfQlffijnPIpMADePaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d08912d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b7aeb0a6d829e379c2933a0ba74f90f2f19e930449b52a5660869408c5307cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11675
x-xss-protection
0
container.html
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9FB7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 23:01:25 GMT
expires
Thu, 29 Aug 2024 23:01:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl_page_level_ads.js?cb=31077496
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332fe127faccfee262d5942df6721ba63712c60c5fbf6e8895689df79211146b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
44496
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13564
x-xss-protection
0
server
cafe
etag
10122007999268732976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 29 Aug 2024 10:39:49 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pastebin.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 30 Aug 2023 23:01:25 GMT
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
997c1edccbce5605ebf278a7bb33190eaa1f206b713ff84203c9bd2263fdc4e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:25 GMT
an-x-request-uuid
d89bc509-2957-431d-9914-1448b59d86d4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
262
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg-apac.smartadserver.com/prebid/ 		171 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastebin.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2259332ce34684b18%22%3A%2266dc993edc2988c2a046%7C445x250%7Cf%3D0.01%2Cc%3Dv%2C%22%7D&ref=https%3A%2F%2Fpastebin.com%2FaR3KSyku&s=fe408b0d-324e-43fd-8a42-18f3485846a3&pv=bab23176-4fab-4a1d-9b05-b135ac564b37&vp=desktop&lib_name=prebid&lib_v=7.48.0&us=0&iqid=%7B%22pcid%22%3A%2211a22b84-3959-4d23-af44-e49a8b6bafd1%22%2C%22pcidDate%22%3A1693436484475%7D&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22pastebin.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22pastebin.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fpastebin.com%2FaR3KSyku%22%2C%22name%22%3A%22pastebin.com%22%2C%22ref%22%3A%22%22%2C%22privacypolicy%22%3A0%2C%22mobile%22%3A0%7D%2C%22user%22%3A%7B%22gender%22%3A%22O%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubpower.io%22%2C%22sid%22%3A%22888%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pastebin.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22pwatevib_xon210.3430483887%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22stype%22%3A%22ppuid%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220d14102b-9a50-422c-82ce-9993c0cb38ab%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1b38d0ab727fb6cd8cac46b1055dd9578921325977e116bd7366329c87589fde
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1065
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:25 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7d09adb4c7f-HEL
access-control-allow-methods
POST, GET
unruly_prebid
targeting.unrulymedia.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pastebin.com
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:25 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNUKUAZRzdNAtBMPKar-UPTr-PBYM-ayMY-tUTaUKyBMKUZRlmNaKAbYZARdzNwqfftkRqxeNco_TYMYZUKUAZ_TRwkjNTR_yszuNyqsltRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARwlNgyzdtroq,kzwigxlt,jxqfzxdrtbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfCc%2BLXV7ZTrytJ4jgplGG%2FPN4%2BkIzNIz78jVfNnow837t%2F9GgA6rciufEB16pmzh7TC5N2XtW%2FEJio%2BQGC7KKG24EyY9x17HGjCFvk5oTMsMuyc5jbJTGLj4nsDNxj5zNEHGAamZNT2OU8VHnp%2FGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d0b93fd90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRmNUKUAZRzdNZUBMTqKA-AUKB-PTMP-aZrM-PeTeKZarrwYBRlmNPPZbYZARdzNcortg%20gxzlzktqdRqxeNco_TYMYZUKUAZ_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPPZbYZARwlNgyzdtroq,ldqkzqrltkctk,lgfgwo,jxqfzxdrtb,xfkxsnRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCn%2B0%2FKj8yCUxEdEkTAki%2FBJkAtx8%2BOLZCCw8Ba3p0P81KEi%2B88U7nEpLewNxrjL3OokNdYb7EjgNKGNBew9QYHUwZ0DE5dVu8lkVCTuAbHQxEGPKYxHPoh%2BfN6J1jRVsyTPPPGROT0qt8QrVRbm4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d0b940d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=881737239288560&correlator=2117896307633326&eid=31077496%2C44782498%2C31068825&output=ldjh&gdfp_req=1&vrg=202308280101&ptt=17&impl=fifs&iu_parts=22653346938%2Cpastebin.com_vli77474&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C468x60&ifi=2&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693436485250&lmt=1693425685&adxs=155&adys=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastebin.com%2FaR3KSyku&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=998&ga_vid=521790050.1693436484&ga_sid=1693436485&ga_hid=1223903291&ga_fc=true&dlt=1693436483123&idt=1526&prev_scp=vli_adslot%3D77474%26vli_acc%3Dvli_24%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D77474%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dpastebin.com&adks=2019292162&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a81b08ae46ab488d3c92bdb3ef9b48c32240ec53fb1e22a9e2bc016ae77bc58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17593
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNyaatAMAM-Tawt-PeeM-aTYq-AytAPAZPMYeeRdzNwqfftkRwlNcso_YPRkjmNaKAbaA,KYMbaA,PUMbUARrdzNuggustRwkjNTRmNKKPKPRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2F9Hx1xK16gE1CKzRvFjAVOC6pAaSUEiXU%2F4kcRZg9ClhHaPXkcCr%2BWOQahI5mUc%2BG3s02ARaWFyeq4%2F0ob8GxaXnSWU49usRt3yYKRnEmwy6NmZprdRHpdnwgJbqRkAU%2BN7tPHHqdENJUB%2F6AkMGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d0e990d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=881737239288560&correlator=144968462821177&eid=31077496%2C44782498%2C31068825&output=ldjh&gdfp_req=1&vrg=202308280101&ptt=17&impl=fifs&iu_parts=22653346938%2Cpastebin.com_vli50010&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x100%7C728x90%7C468x60&ifi=3&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693436485259&lmt=1693425685&adxs=155&adys=337&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastebin.com%2FaR3KSyku&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=998&ga_vid=521790050.1693436484&ga_sid=1693436485&ga_hid=1223903291&ga_fc=true&dlt=1693436483123&idt=1526&prev_scp=vli_adslot%3D50010%26vli_acc%3Dvli_24%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D250%26pw_tagid%3D50010%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dpastebin.com&adks=2170385744&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82b4ce65fe73d9405d67b5bd0b3a63512146e008c01a2b3ce4e7bc2844173a0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14464
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNKyerAAZP-AZZa-PqMy-wTTr-rBqTaTyZAZyaRdzNwqfftkRwlNcso_YPRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARrdzNuggustRwkjNTRmNZAATARleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoDL7DcudvN18KnOEM9WRmsegtyiUZnRBq%2FhsvXVU2RoOwlA2agtiSn%2F8vxjFoLRokXzIxV4%2FaOBKT2zc1v6Gp6wQuDOZbc6afSyL1y4iALqyLm4oiYJhnQGtbrcXZQIp0nPkgmxkIrV%2FUXHgzQPEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d0f997d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=881737239288560&correlator=127498832798293&eid=31077496%2C44782498%2C31068825&output=ldjh&gdfp_req=1&vrg=202308280101&ptt=17&impl=fifs&iu_parts=22653346938%2Cpastebin.com_vli50013&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=4&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693436485265&lmt=1693425685&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastebin.com%2FaR3KSyku&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=521790050.1693436484&ga_sid=1693436485&ga_hid=1223903291&ga_fc=true&dlt=1693436483123&idt=1526&prev_scp=vli_adslot%3D50013%26vli_acc%3Dvli_24%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D50013%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dpastebin.com&adks=2732689569&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13cab0df552f1768ae09eba114555352e2156c6677acd146cf09fdf24e68c476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11834
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNByYqAUrr-PBUw-Peaw-aZTP-ayTKAYUtKrABRdzNwqfftkRwlNcso_YPRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNZAATBRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVJTB8qd3S1sjHPMkgmZvtZIHz%2FuLqIWg1G9JjRGTp5pXJps1%2BxsYvF3pvc2Xg90B0BOtPCFdYlHBjqzOyztVWLS8HH%2FzZXnzdJrjcOHfyQxdfKEMIH%2F%2BRsJSyd%2BKLbUqT4ErRssEkvyJ7azHxoL4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d109abd90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
increment
id5-sync.com/api/esp/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=881737239288560&correlator=252537769253464&eid=31077496%2C44782498%2C31068825&output=ldjh&gdfp_req=1&vrg=202308280101&ptt=17&impl=fifs&iu_parts=22653346938%2Cpastebin.com_vli78983&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C250x250%7C200x200%7C180x150%7C160x600%7C120x600&ifi=5&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693436485377&lmt=1693425685&adxs=1159&adys=1073&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastebin.com%2FaR3KSyku&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=521790050.1693436484&ga_sid=1693436485&ga_hid=1223903291&ga_fc=true&dlt=1693436483123&idt=1526&prev_scp=vli_adslot%3D78983%26vli_acc%3Dvli_24%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D600%26pw_tagid%3D78983%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dpastebin.com&adks=658833177&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be0e28ff58a9be2926636e25b47f11c920060dae7621798dbe74a77df65f8599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12060
x-xss-protection
0
google-lineitem-id
6000084849
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138390666262
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNBqrBAqMt-aaYe-Ptet-Mtqe-MwwAeyBaaYtqRdzNwqfftkRwlNcso_YPRkjmNBAAbUAA,BAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,TUAbUAA,TYAbUAARrdzNuggustRwkjNTRmNKMaMBRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoBJkXrsmnXue22MzBCeeDtdZUW3nZu2pS7Ze%2FfEnDS8jv5V8yfB8xfQvYznB50dzDgqVyKxogrtZyBuaWifoixZjlP%2B1Bq4zwZr%2B1lt6oL10zS3ChWkAhHCJkpIYMtYHen2mBO08iusQahwSDdKbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d1bac3d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
fed
ups.analytics.yahoo.com/ups/58813/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?v=1&url=https%3A%2F%2Fpastebin.com%2FaR3KSyku
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://pastebin.com
content-type
application/json
access-control-allow-credentials
true
syncframe
gum.criteo.com/ Frame 8020 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastebin.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 23:01:25 GMT
server
Kestrel
server-processing-duration-in-ticks
361387
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
container.html
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6563 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 23:01:25 GMT
expires
Thu, 29 Aug 2024 23:01:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 23:01:25 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=881737239288560&correlator=4278642630055297&eid=31077496%2C44782498%2C31068825&output=ldjh&gdfp_req=1&vrg=202308280101&ptt=17&impl=fifs&iu_parts=22653346938%2Cpastebin.com_vli67605&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x100%7C728x90%7C468x60&ifi=6&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Db947d75e11fa815f%3AT%3D1693436485%3ART%3D1693436485%3AS%3DALNI_MZh1yjtBuS6ChiPRTxK7nrPdX-Ngw&gpic=UID%3D00000c6b97d6c144%3AT%3D1693436485%3ART%3D1693436485%3AS%3DALNI_MaWkMYI4LPhPNQ7AG-BlG8frFIeuQ&abxe=1&dt=1693436485513&lmt=1693425685&adxs=154&adys=1135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastebin.com%2FaR3KSyku&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=998&psts=AOrYGsk8in84ZQnqSXHC-O9316r55cP3WUR0TZTzWxwGJNkHvH194tqdmSfUFSnBFxxAQNwKrrf39mQvkga87ciga9yKqQ&ga_vid=521790050.1693436484&ga_sid=1693436485&ga_hid=1223903291&ga_fc=true&dlt=1693436483123&idt=1526&prev_scp=vli_adslot%3D67605%26vli_acc%3Dvli_24%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D250%26pw_tagid%3D67605%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dpastebin.com&adks=71528700&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24b6349f296a120f3b0a1934462bb43f3b83b7eac66cc0f8bb0cc5d7cfde103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11870
x-xss-protection
0
google-lineitem-id
6000084849
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138390666289
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNUtAMwtqt-MKYt-PePq-aPrr-UKYAPtMtTKwrRdzNwqfftkRwlNcso_YPRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARrdzNuggustRwkjNTRmNUKUAZRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URbvPFEaR6xRuAVOF0e2Jz0zfpKea7zRvgZPjeis5XwrgORfeViEtheYPxTrQxtkAnvCL5Dy%2BLLjHjXtVB5Z7FZZzVSvESXPnh5nXpZ56R6t4uSZe1BIhbidiZVBfqiBYQRF0Grv9KA4eDe2jUMa3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d28be1d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ Frame 6563 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 22:18:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 23:01:25 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DDD1 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 07:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
314912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 07:32:53 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame DDD1 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21098
x-jsd-version
1.15.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4549-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLz3luqfdgNN98IPnsOocx3T0Zmf56TWN29jLYxsbKMoOs7%2FQmyrs2Avfz4R1Sk0f7rbfCh%2FrdiyxcCb47sRvHNfwphzBYBC9Gl2ER7zyRAkX9ZNEcmAEo6R9wZ6tDYaA5t%2BL0Y0fnrXrQrFXZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ff0a7d2bc37d90e-HEL
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDD1 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 23:01:25 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/elements/html/ Frame 6563 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 14:42:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
29945
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8570
x-xss-protection
0
server
cafe
etag
11167480076894372452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 14:42:20 GMT
container.html
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C2C7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 23:01:25 GMT
expires
Thu, 29 Aug 2024 23:01:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/ 		0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNyAPBewaK-TPKe-PMUA-qYYt-ZrAUKMTqwKqYRqxeNRwNcso_YPRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNZAATARleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LY67yvteAiaIdtkZXFToQdT%2FhmyjK4cHym0DEKsRGOzIiVppQ%2FGHI9znmCCo6k0WMPuNlUGBTIwZD2JxxF5kirY4Uj5P1A%2F6CxffVeK23pARcRMJEwK%2BRmGPD9RfyR0LleldYRFHr1ajmK6EASoxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d33ce6d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
container.html
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D642 		0
0
container.html
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BEBE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 23:01:25 GMT
expires
Thu, 29 Aug 2024 23:01:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/ 		0
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNZYUTreqP-KaMr-PUPw-wTKq-ByBrTZBTBYMeRqxeNRwNcso_YPRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNKKPKPRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXRhYiJPGpVaQITTaUW1lPNBt2LEUTlCP4lTvRnL6M57xr1oH2MFx4EkvFYlD5Nw0606Hd9EMKfyP0ejWt7uVjETku5NqmWGVnepo4f3amI49a6HXxXKTQmsakd2j27pKULrHQKX3is7Y6gDV3SuLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d3ad53d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame C2C7 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 19:22:21 GMT
age
99544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 19:22:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame C2C7 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Aug 2023 10:00:11 GMT
age
46874
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Aug 2024 10:00:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame C2C7 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 05:50:45 GMT
age
148240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 05:50:45 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame C2C7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:22:50 GMT
age
110315
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:22:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame C2C7 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 10:05:13 GMT
age
132972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 10:05:13 GMT
css
fonts.googleapis.com/ Frame C2C7 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 22:01:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 23:01:25 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C2C7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 11:27:24 GMT
x-content-type-options
nosniff
server
cafe
age
41641
etag
3004170791804808702
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2980
x-xss-protection
0
expires
Thu, 31 Aug 2023 11:27:24 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C2C7 		344 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
36733
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 31 Aug 2023 12:49:12 GMT
container.html
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39F5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 23:01:25 GMT
expires
Thu, 29 Aug 2024 23:01:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNAZMABKYZ-rAyM-PPAP-ayYA-wtyqYqayAreMRqxeNRwNcso_YPRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNZAATBRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8EBlroF2FVwDwXwY0F%2FqrH93LF4pPoOitY%2F9J6yufxy0O38M6EDPkfo4OVk6o4S%2BGHhGw1hM1EzgRoYsVdVtMZF7aWBCzlDXx5wdwK%2Bvr%2FMhRCKgW3WzB4VK46HmMS2RtvwNCb4QsyvocBE5fB31w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d41dfad90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
sid
mug.criteo.com/ Frame 8020
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=pastebin.com&sn=ChromeSyncframe&so=0&topUrl=pastebin.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=xiL5N3x4TTY2MGFNY1Q0R1RpdXV2Wks2VklMQW51L1U2TWkwOGk1aVRmMGhjWFJMK0pzM21GM1M1T2k3VXM1T0dvM2hWUGNkRXJ1aEFjcUhCQVh2Q3BYMnFmd3QvUDh2MkU4MS84MjFsT1FXTWVSNjE4eGFtV0dKbW9sUD...
428 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=xiL5N3x4TTY2MGFNY1Q0R1RpdXV2Wks2VklMQW51L1U2TWkwOGk1aVRmMGhjWFJMK0pzM21GM1M1T2k3VXM1T0dvM2hWUGNkRXJ1aEFjcUhCQVh2Q3BYMnFmd3QvUDh2MkU4MS84MjFsT1FXTWVSNjE4eGFtV0dKbW9sUDNWbHdzdTByU2dBVFBoWENaYlRrTHVlMjZ3blBYUHBTcy9IaGh4K0F0MmY2MWNZa0E2dTdXY3lIN3o2QmNVUXNJYW9odHdtbjJiRjRpd2NIbiswZVI2UnYrSTh1aTg3b3YycFpBSFUxU1hOODBDNVpiZWdLbEE2KzRjT0tNT0xFeW03aGplK0trK29oSW5PVENmRnd0a005ZzRUcm1aZz09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d58fcea732b394fa05cd706c882fb445f5225b170f9790f8c5d88a73438b8ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1379070
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=xiL5N3x4TTY2MGFNY1Q0R1RpdXV2Wks2VklMQW51L1U2TWkwOGk1aVRmMGhjWFJMK0pzM21GM1M1T2k3VXM1T0dvM2hWUGNkRXJ1aEFjcUhCQVh2Q3BYMnFmd3QvUDh2MkU4MS84MjFsT1FXTWVSNjE4eGFtV0dKbW9sUDNWbHdzdTByU2dBVFBoWENaYlRrTHVlMjZ3blBYUHBTcy9IaGh4K0F0MmY2MWNZa0E2dTdXY3lIN3o2QmNVUXNJYW9odHdtbjJiRjRpd2NIbiswZVI2UnYrSTh1aTg3b3YycFpBSFUxU1hOODBDNVpiZWdLbEE2KzRjT0tNT0xFeW03aGplK0trK29oSW5PVENmRnd0a005ZzRUcm1aZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
268822
content-length
0
expires
0
bidding
adsystem.pocpoc.io/adv/v1/ 		2 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=pastebin.com&tid=VLI1-78983&sz=1&asz=300x600&at=native,banner
Requested by
Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:26 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrCyRmBNQLGzxEnbmCJEZacwbrB5GLZDAnhAG6%2BwUzHY4z7OjbEt46HlAwuZ4O76Sz5Rt4P0mR1Zb85hsZYdpO1NLCf30l%2BaYWt%2Fn%2FPATpptV2O8zFVuI2Kine7ksEvM4AohxHEFZMqmXfiZ9%2B3DJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d4bd934c7b-HEL
expires
Fri, 01 Jan 1990 00:00:00 GMT
tfa.jpeg
px.pocpoc.io/v1/ 		0
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNKMaYrTtT-rKTP-PZYB-MYZY-wTqMqZUArYaMRrdNhqlztwofGegdRzorNcsoT-KMaMBRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:26 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Otstarhi3uJ2G5Tw8kKo97I1sX7L3UB85ajUcQFtC8l4y17RRlthdsOGltPCl%2FbxBJ0dTu2NowP7%2F8zNPeN5Ki16kAXTPMbqeLgU5RVTnPbq4t13JwLkZTc%2FlS0oYHzMUNwIym2%2FF%2FCb5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, immutable, max-age=864000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d4bd994c7b-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
container.html
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 727D 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0038 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 22:52:28 GMT
expires
Thu, 29 Aug 2024 22:52:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 77EC 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
52f446ee6e09a91773def9116ceeefca04f029963b24a9599c8ffb861750f071
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Yq228c2WyM6LdY_g41zkew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-Yq228c2WyM6LdY_g41zkew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 23:01:25 GMT
expires
Wed, 30 Aug 2023 23:01:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sdk.js
adsdk.microsoft.com/native-to-display/ Frame BEBE 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
55d62bda1c56b4ae634d447d3a1c739110c42d0c375d9a17f7b3782472a6ccd1

Request headers

Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
Origin
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 23:01:26 GMT
content-encoding
br
last-modified
Wed, 30 Aug 2023 19:08:13 GMT
vary
Accept-Encoding
x-azure-ref
20230830T230126Z-t69mhr3tyd5ar94065gxawzu2n00000008kg00000000mz4n
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
47558c7e-c01e-006b-0778-db0d8b000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
c.gif
www.bing.com/aes/ Frame BEBE
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=624281d0-17a3-406d-8bbe-80a80e9d2900&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=d639f089-3685-4ae9...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=33e2f0d9b9e54d91a4d4710f5974bbfe&SNR=1&GV=2&med=10
0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=33e2f0d9b9e54d91a4d4710f5974bbfe&SNR=1&GV=2&med=10
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 71EB0B2F79864085A66BF6BFB4EC2310 Ref B: FRA31EDGE0712 Ref C: 2023-08-30T23:01:26Z
x-cdn-traceid
0.9ea12417.1693436486.15576dfb
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 30 Aug 2023 23:01:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C84A65B8BB6E4B5CB33A6B09F681C0A0 Ref B: MIL30EDGE1219 Ref C: 2023-08-30T23:01:26Z
x-cdn-traceid
0.9ea12417.1693436486.15576d3c
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=33e2f0d9b9e54d91a4d4710f5974bbfe&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
trk.js
cdn.adnxs.com/v/s/239/ Frame BEBE 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 23:01:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Thu, 29 Aug 2024 23:01:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame BEBE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:51:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:51:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame BEBE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 14:19:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
31344
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 14:19:01 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BEBE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 07:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
314912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 07:32:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BEBE 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 23:01:25 GMT
truncated
/ Frame C2C7 		161 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C2C7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4a9041a1536f8484c9f0275cb095633f476d0f83c033864b8730d07edabfe82

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C2C7 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options
nosniff
age
64018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 05:14:28 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 39F5 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 19:22:21 GMT
age
99544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 19:22:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 39F5 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Aug 2023 10:00:11 GMT
age
46874
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Aug 2024 10:00:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 39F5 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 05:50:45 GMT
age
148240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 05:50:45 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 39F5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:22:50 GMT
age
110315
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:22:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 39F5 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 10:05:13 GMT
age
132972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 10:05:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 39F5 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
36733
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 31 Aug 2023 12:49:12 GMT
12324938043789168629
tpc.googlesyndication.com/simgad/ Frame 39F5 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12324938043789168629?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnsTZIlGnO8cQ_BnGxh4zIMTDGTuA
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89bc9e803a3b4095a12b4cec38d4746853cfba41ba89a4086d0d2d131825045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:21:08 GMT
x-content-type-options
nosniff
age
358817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21537
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 13:26:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Aug 2024 19:21:08 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 39F5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 07:06:19 GMT
x-content-type-options
nosniff
server
cafe
age
57306
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Thu, 31 Aug 2023 07:06:19 GMT
truncated
/ Frame 39F5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b75d258cfb2b76189fc5f2afbb188ee4b7bf4debbe73f52808c24ffc9516360

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame 0038 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
117097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:29:49 GMT
bidding
adsystem.pocpoc.io/adv/v1/ 		2 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=pastebin.com&tid=VLI1-67605&sz=1&asz=970x250&at=native,banner
Requested by
Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:26 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQ%2FK78QzwPhzm325IIMgIAqSICkqE0LsOGz0kk5Zy5LHZucSyIGn3z8b0PSMsbFd2PZzfIcS2BQWWHMyoYgXWnhkBepYBN6QBcOOlV8%2BkPo4dtsDnOMMXucL7xFEDToTJIzlBafnhFA9juds9%2FMn8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d4ddb74c7b-HEL
expires
Fri, 01 Jan 1990 00:00:00 GMT
tfa.jpeg
px.pocpoc.io/v1/ 		0
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNeAytrMMM-wPZM-PwqT-arBU-UUTArKyPKYAaRrdNhqlztwofGegdRzorNcsoT-UKUAZRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:26 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSD8uwsos9lUnGT3Rk%2B%2Bp60rHWWUEbKA7y3ZsdPAlLaGs88JD6HFC29VDDpIPaeTECo00O8VDzK%2BwUT2od0fZeFYF6Ctfdh1gJRuKTl8niPaOz4Xj7ytNwOR0szpL1q74KpG2DCDVxd0Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, immutable, max-age=864000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d4ddb94c7b-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame DDD1 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e883a277132916576be85df21d216a2689dbc586d66ab57c479fcc0e155612ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
217
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23941
x-xss-protection
0
server
cafe
etag
17328101047726939799
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 23:57:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 77EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308280101&jk=881737239288560&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
creative.min.js
static.vliplatform.com/plugins/pbnative/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05
Requested by
Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03a4b8eeed06bd5b9c5a4a3f160407a0417175cc2068df1a2a37b67b821c0e8c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 09:09:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
134555
etag
W/"64edb5d6-8eb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsdQAwi0Al8qGJ7CMl4gr9wjhpiGU4KC%2BJSYzTqo%2F%2B%2F9smZ1PX6G7tZYIyS2cw3%2FXDa3k4LIN2GSjfh3bbGLvcFCvWFw7EhihMOtx2L2pA4%2BXWYxYmAY6833Oon%2BF%2BfISvsigt3X1q5YJmm2pDG2WBhUUuw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ff0a7d5c9494c87-HEL
alt-svc
h3=":443"; ma=86400
expires
Tue, 29 Aug 2023 10:08:51 GMT
csi
csi.gstatic.com/ Frame DDD1 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~llyccza7&chm=1&e=21060099&ctx=2&qqid=CJScnMG-hYEDFdGOgwcdxYMEXg&met.4=fb.8~lb.bs~ol.bx~idt.wb~dt.-a3&met.3=492.4j_1~739.bv~738.bv~749.bv_2~113.e9_5~113.ee_1~112.e7_8&met.1=1.llyccyw1~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~1.llyccyu0~6.0~7.0~8.0~9.0~10.0~12.1~13.1p~14.1s~15.1s~16.9j~17.9j~18.9j~19.dx~20.dx~21.dx&met.7=CBsQCBgBMAE4AQ~CBEQChgBIAgoCDCbATiTAVAIWFpgFWhbcJkBeK40gAGCMogBi70BsAEBuAED~CBsQCiAJOCc~CE0QChgBIAkoCTD4AjjvAkAJSBhQGFidAWBTaJ0BcJYCeODFA4ABtMMDiAGNpguwAQG4AQM~CCgQChgBILcDKLcDMPwDOEVotwNw8wN4sb0BgAGFuwGIAYL2A7ABAbgBAw~CBsQCBgBMEE49gNoAnA-eIkXgAHdFIgBkjCgAbf__________wGwAQG4AQM~CBIQBxgBIEcoRzCRAjjKAUBISEhQSFjKAWCFAWjLAXCRAnivB4ABgwWIAbwjoAG3__________8BqgEVChNSb2JvdG86d2dodEA0MDA7NzAwsAEBuAED~CEsQChgBIFIoUjDwATieAWijAXDmAXimRYAB-kKIAf2iAaABt___________AbABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:827::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
platforms
odb.outbrain.com/utils/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/platforms?contentUrl=https://pastebin.com/aR3KSyku&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-78983
Requested by
Host: static.vliplatform.com
URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e740fafe0846a5510c7031ea581cf1547da3ca2c9fdf56b63bbf5f2d47d7ebad

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Wed, 30 Aug 2023 23:01:26 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-cache
MISS, MISS
x-traceid
2d2e15b394f6cb709d6b1decdc0b30dd
content-length
2593
x-served-by
cache-lga13620-LGA, cache-fra-eddf8230030-FRA
x-timer
S1693436486.234527,VS0,VE133
vary
Accept-Encoding, User-Agent
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
th
www.bing.com/ Frame BEBE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7559505399874_1TDKBHCOKC7DGXPO7M&pid=21.2&c=3&w=200&h=105
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d06ee8f4e1e170d57bb74abe6e8b5f49a5ac6d37b070ee8af39807293554623

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:26 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.9ea12417.1693436486.15576eb1
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
5423
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame BEBE 		0
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpastebin.com%2FaR3KSyku&e=wqT_3QLpA-jpAQAAAwDWAAUBCMWUv6cGEIKIiqStiJrLVxgAKjYJ5j0-JhgIkz8R9g0Ed-51kj8ZAAAAoHA98j8h9g0SACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4nPUFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHWh0dHBzOi8vcGFzdGViaW4uY29tL2FSM0tTeWt1gAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDjrok4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQFx1iIBQGYBQCgBbemy9ap0J7FaMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFgoNP-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHnPUF0gcNFWUBJgjaBwYBXnwYAOAHAOoHAggA8AexAYoIAhAAlQgAAIA_mAgBwAjwBg..&s=12a18ad107a5cc3137584629392c08dea4f23d32&bdref=https%3A%2F%2Fpastebin.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fpastebin.com%2F,https%3A%2F%2Fbcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:26 GMT
an-x-request-uuid
26b21e0a-7eb2-43f7-9804-1a730928eed6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C2C7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Wed, 30 Aug 2023 23:01:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 39F5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Wed, 30 Aug 2023 23:01:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ Frame 59E6 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Fri, 29 Sep 2023 23:01:26 GMT
date
Wed, 30 Aug 2023 23:01:26 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1673369412.559449"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 59E6 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Fri, 29 Sep 2023 23:01:26 GMT
date
Wed, 30 Aug 2023 23:01:26 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
eyJpdSI6ImE5MGM5ZTc1OWYyNTg5MjYyMTU1MDRjZjc5ODU2NzZhNmRlODEwZmEzYzI3YjUyMmIwNzU3OThhMzdmOTIyOWMiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjaCI6LTE2ODYwMTg1MSwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ Frame 59E6 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE5MGM5ZTc1OWYyNTg5MjYyMTU1MDRjZjc5ODU2NzZhNmRlODEwZmEzYzI3YjUyMmIwNzU3OThhMzdmOTIyOWMiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjaCI6LTE2ODYwMTg1MSwiY3MiOjAsImYiOjR9.webp
Requested by
Host: pastebin.com
URL: https://pastebin.com/aR3KSyku
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
00a977db5aae07efccac3bd5499dcbd00c32d55e4637d7a2c41eefd3b31642e9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:26 GMT
last-modified
Wed, 02 Aug 2023 07:41:29 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=685974
access-control-allow-credentials
false
x-traceid
eb14f93534548d0dcd38c431a096ab5a
timing-allow-origin
*, *
content-length
17996
adview
securepubads.g.doubleclick.net/pagead/ Frame C2C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvvRQRcrvZJX9E8Gv3gOBwr64D8fJoP1x557v99oR__WQ49cCEAEgzcOtfWCxBaAB94muqgLIAQHgAgCoAwHIAwqqBOoBT9A1ayCwMdLRjz81smTvHDiy6bEcgV1G3IWYFQHrHRhVxXdp4ziSZeHl52PVNNatmK4gJet5RH6QQQ6aG0uOG9SnypOilG39wUNtjT4KmDDAcoJEBlM2UXDEIbtdF88PeO81OjkWQgLBl45EuZ47A95cPGbtiaUB8QEGvj8AWHkYy9o5YNXQGxrTHQtVAaCbDs6zdU-TYiDo75TXe9chsHPU04FygpPCb_WKUTa57truRT3l5t2nstY_BWrTuRI4SGyyNoLjgb5w63dggj6-XpZu80SN3T1VGpp_p-ZehZ9tCsUm_eXVhJAkwATWgbj2sATgBAGIBbXx4YJMkgUECAQYAZIFBAgFGASgBmaAB_H10dUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQtcMD0ggUCIBhEAEYHTICigI6AoBASL39wTqaCR5odHRwczovL21rZmludGVjaHBhcnRuZXJzLmNvbS-ACgHICwHaDBEKCxCQ9LHtns-Qk-ABEgIBA9gTDYgUAtAVAZgWAYAXAbIXHwodCAASFHB1Yi05MDQ3NzM3NTcyODgwNDUzGJSNgQE&sigh=j9gDjUgvQ88&uach_m=[]&ase=2&cid=CAQSSwBpAlJWR3iQ6RZ-PhscItgB3PJXgjHPVsOT2Y-HUmLKOtu7ABBev04mZRaf1XGGsOgqKmF_im4V6a0vhNh3JAd0ka-UCU6tKetRYRgB&cbvp=2
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 39F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cmqt0RcrvZOrwE5Pr3gOeo6bgDq74uado6PzW8pMPZBABIM3DrX1gsQWgAbTW950oyAECqQKhR_hnSO1DPuACAKgDAcgDCKoE8QFP0JZdaT66VTU90Ul-UkEJvJwXzenDPdzXYdshUX6SXJnERZhQGTCp32sRLPdMXoPKmMx3A97NCj7e6efTYJ3LD91GUZoUrA8dLWozTfJV3h-__jSzgp1EcDExgxj3HHPB7m840fghjGipew8JzdF5GpqUxy_OdwJTm9xgohiiqihtUKvbUdd42LOBYnMml6JUDdRX-21SwQLhnVZsmxK7c6BFu0VDfgReTcQEH6Vazg89KFA2naMr8GtMD4CCPOPHAgzqjwjeCbusB_POKcaC_MXtmiH8uglWNbzqzZ6pIWbkOEK15rN4t-QdD1Mg4yK8wATS3bT63QPgBAGIBcrU0ZE8kgUECAQYAZIFBAgFGASgBgKAB7SOyP0CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQtL4C0ggUCIBhEAEYHTICigI6AoBASL39wTqaCSxodHRwczovL3d3dy5jbWcucnMva29zYS90cmFuc3BsYW50YWNpamEta29zZYAKAcgLAdoMEQoLEPDR--GB_ebn1wESAgED2BMN0BUBgBcBshcfCh0IABIUcHViLTkwNDc3Mzc1NzI4ODA0NTMYlI2BAQ&sigh=g0NVWL3CmBI&uach_m=[]&ase=2&cid=CAQSTABpAlJWuyHUrrDHpOqz6iQ-hyFNQX7RMMGUn5p9Cm-ShYtE2OJ_CTz4n3E0CJCP4AG_jqdquav9qtH4ZRrhlj_txbN9T7spm58QDcIYAQ&cbvp=2
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
log-viewability
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=a60eeb2ce8c35c7b76534be95d777399&position=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:26 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c1fcb19bcde159786d47fa7fc04b7fc7
Content-Length
4
Expires
0
l
mcdp-nydc1.outbrain.com/ 		2 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcdp-nydc1.outbrain.com/l?token=a60eeb2ce8c35c7b76534be95d777399_198067_1693436486321
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 23:01:26 GMT
content-encoding
br
X-TraceId
104abcca81dab2eeaf9cae04b3399e80
Content-Length
6
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 0038 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2Fwa3A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
platforms
odb.outbrain.com/utils/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/platforms?contentUrl=https://pastebin.com/aR3KSyku&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=1&format=vjnc&cors=true&extid=vli-67605&t=YTYwZWViMmNlOGMzNWM3Yjc2NTM0YmU5NWQ3NzczOTk=
Requested by
Host: static.vliplatform.com
URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
162e8d815d4d0e60df21f948615c3bfd1158cf5e02b0ddca947ec7f05e54917f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Wed, 30 Aug 2023 23:01:26 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-cache
MISS, MISS
x-traceid
2c8a4229f9951f2b428833ce1fd12676
content-length
1325
x-served-by
cache-lga13629-LGA, cache-fra-eddf8230030-FRA
x-timer
S1693436487.602187,VS0,VE116
vary
Accept-Encoding, User-Agent
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-yAPBewaK-TPKe-PMUA-qYYt-ZrAUKMTqwKqYRqxeNRwNcso_YPRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNZAATARleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:26 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQvFIv2OPEB7H3dyvp0z%2FnRHXNZQw%2FSHlREEW5egr1T2fGae1ocLR1fWR2d1JQHm319jNiHp5i22g9bDGQvvMlSl2VIRw3pWz%2FRN9gImgIVFQIVK0uxjK362xP6YGL6Y5%2FWlEFKCCc80MazMqdEkPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7d93ce3d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
truncated
/ Frame BEBE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fddb768ec70f8446c05d88b5d7f638344b3d874f4186f71a23a564d4403b59f2

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame BEBE 		0
695 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastebin.com%2FaR3KSyku&e=wqT_3QLsBuhsAwAAAwDWAAUBCMWUv6cGEIKIiqStiJrLVxgAKjYJ5j0-JhgIkz8R9g0Ed-51kj8ZAAAAoHA98j8h9g0SACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4nPUFgAEBigEDVVNEkgUG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIdaHR0cHM6Ly9wYXN0ZWJpbi5jb20vYVIzS1N5a3WAAwCIAwGQAwCYAwmgAwGqA4MDCpkCaA0zIHd3dy5iaW5nLgUz8F5waS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWQ2MzlmMDg5LTM2ODUtNGFlOS04YjBhLWYyOTM5ZmEwMDkxMiZjbUV4cElkPUxWMyZvQTJFAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZI5aALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYzMTEzNDY1NjQwNDg3ODIzMzgiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNME9UUTFOak14TXpRM056a2pNak16TlRJNU16azNPREkxTlRnd01nPT3AA9gEyAMA2AOOuiTgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAW3psvWqdCexWjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWCg0_6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAARPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHnPUF0gcNCREoASYM2gcGCAUJdOAHAOoHAggA8AexAYoIAhAAlQgAAIA_mAgBwAjwBg..&s=c318ad59f4f184e7102fa61a14aa895a4dec6dc0&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sid=2129609501135043672&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:26 GMT
an-x-request-uuid
d6f0b52a-aa6b-401e-89f3-0f5c7765524d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BEBE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeMNcRcrvZI2oE8mUjuwP6JGL6AXS4Nfgbo-ktpOTCsCNtwEQASAAYLEFggEXY2EtcHViLTkwNDc3Mzc1NzI4ODA0NTPIAQngAgCoAwHIAwKqBOwBT9DTeoqMEU3563rxpB1rySWQmmA0JFwpzOO2goV1UJlih_2KL6sMNREzXOM15EltCiNgHGWTGfqMqKnVcNKOQ95Li0t47gu77sgIuVilPmCBRes9QFHnTjXQHj3-d5GcxAObBxt8LBKsv_2ihwJj5Coqyvi79N8yawwtPcV6MtgbHKZGlMwyORbztoB8xQw44mhjjOirqboP_zsxu9g8Kjft3HwIWTb9yLib7VVOqHqyGnfknvWCmq7IRph64YfT9yrdvqQeN9oXczBj5-x6PnncWJLMGCJJfjD1nIEOvVI1IE_olN3LhmjceMjgBAGABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTkwNDc3Mzc1NzI4ODA0NTMYlI2BAQ&sigh=1H_iOCG3DYM&uach_m=[UACH]&cid=CAQSTABpAlJWwqD8QmU2sLD7Rc6trSn50cmewr4WLSrLzXOc3yLK6sb6vyISGGW5xF51lYz9LM7tCcnf8_sPzY5SQ_MwkyNro4DPla_sC6EYAQ&cbvp=2&vis=1
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
it
ams3-ib.adnxs.com/ Frame BEBE 		0
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fpastebin.com%2FaR3KSyku&e=wqT_3QLsBuhsAwAAAwDWAAUBCMWUv6cGEIKIiqStiJrLVxgAKjYJ5j0-JhgIkz8R9g0Ed-51kj8ZAAAAoHA98j8h9g0SACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4nPUFgAEBigEDVVNEkgUG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIdaHR0cHM6Ly9wYXN0ZWJpbi5jb20vYVIzS1N5a3WAAwCIAwGQAwCYAwmgAwGqA4MDCpkCaA0zIHd3dy5iaW5nLgUz8F5waS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWQ2MzlmMDg5LTM2ODUtNGFlOS04YjBhLWYyOTM5ZmEwMDkxMiZjbUV4cElkPUxWMyZvQTJFAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZI5aALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYzMTEzNDY1NjQwNDg3ODIzMzgiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNME9UUTFOak14TXpRM056a2pNak16TlRJNU16azNPREkxTlRnd01nPT3AA9gEyAMA2AOOuiTgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAW3psvWqdCexWjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWCg0_6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAARPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHnPUF0gcNCREoASYM2gcGCAUJdOAHAOoHAggA8AexAYoIAhAAlQgAAIA_mAgBwAjwBg..&s=c318ad59f4f184e7102fa61a14aa895a4dec6dc0&pp=ZO_KRQAE1A0Hg4pJAALI6L300d7LnobA4rGDMA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgjBERcrvZI2oE8mUjuwP6JGL6AXS4Nfgbo-ktpOTCsCNtwEQASAAYLEFggEXY2EtcHViLTkwNDc3Mzc1NzI4ODA0NTPIAQngAgCoAwHIAwKqBO8BT9DTeoqMEU3563rxpB1rySWQmmA0JFwpzOO2goV1UJlih_2KL6sMNREzXOM15EltCiNgHGWTGfqMqKnVcNKOQ95Li0t47gu77sgIuVilPmCBRes9QFHnTjXQHj3-d5GcxAObBxt8LBKsv_2ihwJj5Coqyvi79N8yawwtPcV6MtgbHKZGlMwyORbztoB8xQw44mhjjOirqboP_zsxu9g8Kjft3HwIWTb9yLib7VVOqHqyGnfknvWCmq7IRph64YfT9yrdvqQeddg24fLHHYHuxA1pxstIriZqdLT8spnXH9RspPNovvHTRuk-FVwkR3HgBAGABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25cp5qIrN42UO-6I9zK6V6pzEDqg%26client%3Dca-pub-9047737572880453%26adurl%3D&cbvp=2
Requested by
Host: bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL: https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:26 GMT
an-x-request-uuid
551c059e-4924-4428-9296-99a469a1260c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNTYMYZRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNkggzR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-AZMABKYZ-rAyM-PPAP-ayYA-wtyqYqayAreMRqxeNRwNcso_YPRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNZAATBRleNplR_yszuNyqslt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:27 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Aug 2023 23:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=153KsV27qKYC44%2F8J33DFP9YR%2FUaHtjk4bknq4Ro2j56s6AEk8BYrUuriCDomA899TqyS9tm%2BJJVrv29cL2vgVZE9Tus0bv5sIdmDTpWEiWIwZE%2F92UBqaSGs46NUOR%2B4zpvVwmTRMcEKzDnL32FDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7ff0a7dba831d90e-HEL
content-length
0
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308280101&jk=881737239288560&bg=!6-il6KfNAAYHwnCgJ8I7ADQBe5WfOLkMWqlLCi4mUr1TsmHW2yy2CsRo0culsqXDKTGu6Fg1a3ry_VZXzeUhMvrnWjn5AgAAAWRSAAAACWgBBwoASxHkxMiVA9q1FA6WOUZUw4ylciwC8jsaVIiOv6YLnqi_WyewIX7egtCTPRNcHX2II4Rs2muUzPqPE-fR6v4vmG4PpyAZumw2O5yO4ZkCxAAXA5EGIFgFuiIuGAxjIjcwXtNmB1zDMDx2mttIbgszq9R11GIXCRSyWEWK0Rnp9910xvXdiR6S3EPHf2KOS7OaAPD4u_WS2QPARDrXbRS_CdGExtOUhCUPH03TE5lWiW3N5lCugUa1mvLsnFMBk2sGXY54Fm4AYGbyj1ecCeQyNOmbBPBQZvROJtq_UbJrMHh6RjP78JOjtSzcC_Sx8jdVbpwtua0Pk0X5_YBb-y_7r7koKXbwA-_inDY89mTpCPbJH4AfMVkQIqKCWpRuzekcXxQVs_H-nTnxHA-KSALRK3-Qqi7TXRmh-Z6BqmFFQLWTnS7uekOGkOeF3RWTwYCUG124ecgN59hJaQTVNYAGcMYNdjemV-uGV2MAEAYM4uXWhZrFK-vTldhq1399d2EO_MI-oOBGoNlt3dByuFT8td_ZH3wHBZ8oJGHx8SyqYW22C5aZh2ZHgVLkO07RND1TjAOq1LGofS-zIvIIzVtTSZxSwwpQ7KhEpqW9KlfUN3WO0FqRELBKcSzMydX-4-noAKuohJ5BhBY_ICmGcDYJz1Z-2Erv3NZYHEhHlLV2jE3diMEb_E9rDjpW8pdI5wp-H3VdFeulxJGjF6Vhn-Ee1io0zC4BRzRDIojslspxs9slsGK7PwYJfcPYz_9ZAWCxUZILySWFrT8LJP8YofZRR21th2_zd5qbqqE9wFfSDKxtMZa1FAWskeHTe83eNHAUMY-0HaRfTIZfzaUljG918-m1Zsy1W0xNDUEs9r213k1EF2DV52dU-Xz2yPDJUmv0XbaIS7_BxJsfRg1t9QiQDbmcsmmMz1Qv7YUYOKdw2hxplKku-XDfYUnW6GECVL_w6j9ADcHDQfXoMwvVwdTfZXMALlHL-V-eJGeNNw_iuknhWPeG46Xl9zdG37e94_qoOs0cVk2V0QbCwV_ZvcPefo5E_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame C2C7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsss-g1gLDkzBKjvGHsAfr7YyxOa83-vmAU0nlpc1_3pXgcCsNn8KqBtwiCGAhPon8jIrLrPFLKwv7Xdth7BfKwfPfHj035DP5GcjxD8MHFl5450F1jlS3nAjjjwLonG2J0KKDhUoFH1eQ&sai=AMfl-YQ8Z3BOlTbZFCDvxNQk4mk7K5DpszzORLBS2qnHLQwpqo8E89Dnrnj-W3f6NXMlzyQWDT6Q3OM8dLrX0eKUUzAI5-A6ioQchztq38zeDfxb9LrYlNfp1BOC433PCNS-gmirO8ffL39Kcayw&sig=Cg0ArKJSzH-ei_r8T67iEAE&cid=CAQSSwBpAlJWR3iQ6RZ-PhscItgB3PJXgjHPVsOT2Y-HUmLKOtu7ABBev04mZRaf1XGGsOgqKmF_im4V6a0vhNh3JAd0ka-UCU6tKetRYRgB&id=ampim&o=0,91&d=728,90&ss=1600,1200&bs=728,90&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=810&tls=1810&g=100&h=100&tt=1810&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 39F5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvi3PS8yvD_Ef9B3Qy3TeGPR96dcFIe66WtdhaX_XLmaPcBTvXcYiiIkecy1lDoOEeE6ognlM1U4n-AbgzYkznOW2MKH9DuKqJG0WOKyZ2696mahakBcTENuWNaWtYWJiRaODJQPQh4xw&sai=AMfl-YQglwQo0GO6asl4EVoRM6BS9Ihydd8aZF3mrhAx8ohg-R7NlpD-My633LnwonYwHE1J5wwAA1d0R1e72JfZK5jjSC2YuBVTpUyhJ-QgC3-6cWoY9vRgLpkciT3rqH4Rzg8EdX7YA_A_oW24Ag&sig=Cg0ArKJSzBAyHYd1k5xEEAE&cid=CAQSTABpAlJWuyHUrrDHpOqz6iQ-hyFNQX7RMMGUn5p9Cm-ShYtE2OJ_CTz4n3E0CJCP4AG_jqdquav9qtH4ZRrhlj_txbN9T7spm58QDcIYAQ&id=ampim&o=0,91&d=970,90&ss=1600,1200&bs=970,90&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=687&tls=1698&g=100&h=100&tt=1698&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastebin.com%2F&domain=pastebin.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pastebin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 30 Aug 2023 23:01:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
189374
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		66 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://pastebin.com/aR3KSyku&tl=https://pastebin.com/aR3KSyku&nf=0&rt=true&v=7.48.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9180aa99333f10f5819a5930e04b86f2486dd7baab33118a3c6404ee8817a076

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fGars5jZKuwlLjlIUEqW6cxamNlzAB%2BFLvuumQj5GGz3xOr1vsUndYx%2BOE3nmCuVW9UwO%2FiYDWAl%2BExQILYFtziM3m7uBL6Y7blqMQieQtgzDlwgVhStLrZVTdSwtrKvnPm5u5CwR%2B7Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
cf-ray
7ff0a7e36c214c81-HEL
alt-svc
h3=":443"; ma=86400
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastebin.com%2F&domain=pastebin.com&cw=1&pbt=1&lsw=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastebin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
230611
expires
0
prebid
id5-sync.com/api/config/ 		135 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame 978C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
59178
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Aug 2023 23:01:28 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
311, 350297
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230061-FRA
X-Timer
S1693436488.295349,VS0,VE0
pbjs
sync.quantumdex.io/usersync/ Frame DD7F 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc8eae121aad50b24a014f5ddf5c02f62bff6f0b7169b992ad8467408b943a8

Request headers

Referer
https://pastebin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ff0a7e31dc24c7f-HEL
content-encoding
gzip
content-type
text/html
date
Wed, 30 Aug 2023 23:01:28 GMT
server
cloudflare
all
ssl-market-east.smrtb.com/sync/ 		0
0
occ
ups.analytics.yahoo.com/ups/58645/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58645/occ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
30907
tags.bluekai.com/site/ 		62 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=da1d76b2-18a1-4c51-9d23-53bb228020e5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.153.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 30 Aug 2023 23:01:28 GMT
content-length
62
content-type
image/gif
user-sync
sync.adkernel.com/ 		0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:28 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
0
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZGExZDc2YjItMThhMS00YzUxLTlkMjMtNTNiYjIyODAyMGU1
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMeRWCRkERveJcGp_0O5qxw&google_cver=1
49 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMeRWCRkERveJcGp_0O5qxw&google_cver=1
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMeRWCRkERveJcGp_0O5qxw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Wed, 30 Aug 2023 23:01:28 GMT
server
Apache-Coyote/1.1
content-length
0
ID1=da1d76b2-18a1-4c51-9d23-53bb228020e5
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=da1d76b2-18a1-4c51-9d23-53bb228020e5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
usersync
match.bnmla.com/ 		0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=700a05bc-23d8-42c1-98b5-8b83adc400eb
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=700a05bc-23d8-42c1-98b5-8b83adc400eb
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=700a05bc-23d8-42c1-98b5-8b83adc400eb
Date
Wed, 30 Aug 2023 23:01:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=da1d76b2-18a1-4c51-9d23-53bb228020e5&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=cf8c59de-a379-40d2-a293-c5d9a5bc15b6
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=cf8c59de-a379-40d2-a293-c5d9a5bc15b6
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=cf8c59de-a379-40d2-a293-c5d9a5bc15b6
date
Wed, 30 Aug 2023 23:01:28 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=da1d76b2-18a1-4c51-9d23-53bb228020e5
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=da1d76b2-18a1-4c51-9d23-53bb228020e5
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=da1d76b2-18a1-4c51-9d23-53bb228020e5
Protocol
HTTP/1.1
Server
34.254.142.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-142-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-077f06c9c.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
b0ZjtbZuTGc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v050-09ffa1c7c.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
bDKbPq9oQ7M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=da1d76b2-18a1-4c51-9d23-53bb228020e5
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084926952608988
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084926952608988
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084926952608988
Date
Wed, 30 Aug 2023 23:01:28 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=424240527290892259
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=424240527290892259
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
an-x-request-uuid
396d2589-9bab-4d37-9ea0-45618eed9d9b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=424240527290892259
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d23b3493-e95c-4684-8c90-5dfa11688cf5&google_hm=ZDIzYjM0OTMtZTk1Yy00Njg0LThjOTAtNWRmYTExNjg4Y2Y1
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDn2P2y_OYZRGBe6MZ8ZY4I&google_cver=1&ssp=sonobi&bsw_param=d23b3493-e95c-4684-8c90-5dfa11688cf5
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDn2P2y_OYZRGBe6MZ8ZY4I&google_cver=1&ssp=sonobi&bsw_param=d23b3493-e95c-4684-8c90-5dfa11688cf5
Protocol
H2
Server
3.127.240.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-240-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDn2P2y_OYZRGBe6MZ8ZY4I&google_cver=1&ssp=sonobi&bsw_param=d23b3493-e95c-4684-8c90-5dfa11688cf5
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=da1d76b2-18a1-4c51-9d23-53bb228020e5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IZAB1KhSu9MmI8Mf5yra&pi=sonobi&tc=1
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IZAB1KhSu9MmI8Mf5yra&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IZAB1KhSu9MmI8Mf5yra&pi=sonobi&tc=1
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT, Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ 		47 B
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 23:01:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XBJM41V0YDC1ZWHZWDA1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
47
cm
us-u.openx.net/w/1.0/ 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
e.serverbid.com/udb/9969/ 		35 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://pastebin.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=da1d76b2-18a1-4c51-9d23-53bb228020e5&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bkJvZE9FLVdSbVRnbG9IbS1ZMFplUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKoPPM7H_SoDlIIUiZHA2bY&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKoPPM7H_SoDlIIUiZHA2bY&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pastebin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
fi-FI
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-fh96x
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKoPPM7H_SoDlIIUiZHA2bY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d610287a0f05f5dfa5e8bc8ad786f5755467dccb9067876cb7261782eda6060a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pixel
ap.lijit.com/ Frame DD7F 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 23:01:28 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame DD7F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=3476257367284379616
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b7fe8a0a-186c-52f3-b9b7-907fdd585a37
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=b7fe8a0a-186c-52f3-b9b7-907fdd585a37
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7e5c8f44c7f-HEL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=b7fe8a0a-186c-52f3-b9b7-907fdd585a37
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame DD7F
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-cea27d48-e082-3e52-91da-12c4fe24bb16
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-cea27d48-e082-3e52-91da-12c4fe24bb16
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7e699e14c7f-HEL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-cea27d48-e082-3e52-91da-12c4fe24bb16
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame DD7F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=424240527290892259
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=424240527290892259
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7e44f394c7f-HEL
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
an-x-request-uuid
ed8810ab-7382-4051-805f-7bb33b208b2c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=424240527290892259
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame DD7F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 30 Aug 2023 23:01:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
s.ad.smaato.net/c/ Frame DD7F 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:ba00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:00:43 GMT
via
1.1 ff78b299270b99e41cda1a1252610524.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
age
45
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
_d_ig2vszGRF5X2GzzfW_8h2aJYIIE9YYCv6F3WhSeynZNm_WZpRQQ==
v1
match.sharethrough.com/FGMrCMMc/ Frame DD7F 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.17.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-17-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C6C6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
069463cfd3992703de4e91875500ad5b526f6ced3f8292ed128dbee27e0f8baa

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1752
Content-Type
text/html
Date
Wed, 30 Aug 2023 23:01:28 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Wed, 30 Aug 2023 23:01:28 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A516 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=171258
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 30 Aug 2023 23:01:28 GMT
expires
Fri, 01 Sep 2023 22:35:46 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame B590
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
a3891516eac37b544defce025a602d15f0a2abeb9355916e93c0a08facc48fef

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1283
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 23:01:28 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 30 Aug 2023 23:01:28 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 1B4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame FAF2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ff0a7e558724c7f-HEL
content-length
43
content-type
image/gif
date
Wed, 30 Aug 2023 23:01:28 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 30 Aug 2023 23:01:28 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 3CFA 		0
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.194.237.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-237-52.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
0
content-type
text/html
date
Wed, 30 Aug 2023 23:01:28 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
async_usersync
ib.adnxs.com/ Frame 978C 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
an-x-request-uuid
f76207c2-bdb8-4b7c-b254-6cc5f86a23f8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
696.json
id5-sync.com/g/v2/ 		276 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
1c7c702f9e4dd44489b85ebde8d59607abc374614785d1a2eb64375a12586850
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastebin.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastebin.com
date
Wed, 30 Aug 2023 23:01:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame B590 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame B590
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDMzNzcyOTUzMDczMjAxNzkyNDk1OA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B590
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP2FtfflOPBAS3l9hjK9Zl4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP2FtfflOPBAS3l9hjK9Zl4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP2FtfflOPBAS3l9hjK9Zl4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B590
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDMzNzcyOTUzMDczMjAxNzkyNDk1OA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDMzNzcyOTUzMDczMjAxNzkyNDk1OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDMzNzcyOTUzMDczMjAxNzkyNDk1OA%3D%3D
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame B590 		0
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4337729530732017924958&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F51FDAD8C5DD4DE8B635D2A35274C4AA Ref B: FRAEDGE2015 Ref C: 2023-08-30T23:01:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEK+hdP9fUTDJEqSjlfw==
sync
x.bidswitch.net/ Frame B590
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4337729530732017924958&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4337729530732017924958&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=26581def-b290-4fba-a25b-93979ddde889&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=26581def-b290-4fba-a25b-93979ddde889
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=26581def-b290-4fba-a25b-93979ddde889
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
3.127.240.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-240-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=26581def-b290-4fba-a25b-93979ddde889
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
4337729530732017924958
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame B590 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/triplelift/4337729530732017924958?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:f821:c088:dfda:b5f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
c.gif
c.bing.com/ Frame B590 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4337729530732017924958&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3245CBD86D714AAF972C7E432B915E36 Ref B: FRAEDGE1706 Ref C: 2023-08-30T23:01:28Z
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame B590
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=b2855a24-9742-468b-b635-9a8abac993bc&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=b2855a24-9742-468b-b635-9a8abac993bc&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=b2855a24-9742-468b-b635-9a8abac993bc&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
747093
content-length
0
expires
Wed, 30 Aug 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B590
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=424240527290892259&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=424240527290892259&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
an-x-request-uuid
e47cec1e-6eb8-4247-89e5-6dd2f7583c2f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=424240527290892259&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A516 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6678414&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
a74997f0155844938773df077bcc37a8ae3af5227a6b2f3505c1daeb13ee0dd6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 23:01:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame C6C6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO_KSLGSBrnJCrP3qXO8RQAAFDEAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO_KSLGSBrnJCrP3qXO8RQAAFDEAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO_KSLGSBrnJCrP3qXO8RQAAFDEAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YSGPHY5PQN4P8C6Y9GZ5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F81NAJJFT76PY4Q9NS09
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO_KSLGSBrnJCrP3qXO8RQAAFDEAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C6C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO_KSLGSBrnJCrP3qXO8RQAAFDEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHi1iOokUd8buoAL4oMjXBA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHi1iOokUd8buoAL4oMjXBA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHi1iOokUd8buoAL4oMjXBA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C6C6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZO-KSLGSBrnJCrP3qXO8RQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDO4MrjqYPBWQt8buyYFrk&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDO4MrjqYPBWQt8buyYFrk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDO4MrjqYPBWQt8buyYFrk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C6C6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame C6C6
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Wed, 30 Aug 2023 23:01:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame C6C6
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHdvk7J35UAACUX7sfYQQ&expiration=1694646088
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHdvk7J35UAACUX7sfYQQ&expiration=1694646088
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHdvk7J35UAACUX7sfYQQ&expiration=1694646088
Date
Wed, 30 Aug 2023 23:01:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame C6C6
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZO-KSLGSBrnJCrP3qXO8RQAA%265169&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8b5de979-58cf-49a3-b1c5-11305f147971-tuctbe94fc8
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8b5de979-58cf-49a3-b1c5-11305f147971-tuctbe94fc8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8b5de979-58cf-49a3-b1c5-11305f147971-tuctbe94fc8
date
Wed, 30 Aug 2023 23:01:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
53785
rum
dsum-sec.casalemedia.com/ Frame C6C6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=su6g2ue78YSpuPCMsu7ojLS89omp7_OPvezTlj8r
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=su6g2ue78YSpuPCMsu7ojLS89omp7_OPvezTlj8r
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 23:01:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=su6g2ue78YSpuPCMsu7ojLS89omp7_OPvezTlj8r
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
setuid
sync.quantumdex.io/ Frame C6C6 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZO_KSLGSBrnJCrP3qXO8RQAAFDEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ff0a7e5c8e94c7f-HEL
content-length
43
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 97F6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 23:01:28 GMT
expires
Wed, 30 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1088811
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 876B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Aug 2023 23:01:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NBQK99RX0CCDRDP917M3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Aug 2023 23:01:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8HX2WM62ADGQ0AJAGHPG
Pug
image2.pubmatic.com/AdServer/ Frame 5D91
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DK77zVn7qpMX-PqZDK2zmgr5q80XrazNC_8p977w
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DK77zVn7qpMX-PqZDK2zmgr5q80XrazNC_8p977w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 30 Aug 2023 23:01:28 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DK77zVn7qpMX-PqZDK2zmgr5q80XrazNC_8p977w
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
setuid
sync.quantumdex.io/ Frame 2BAD 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ff0a7e6ca194c7f-HEL
content-length
43
content-type
image/gif
date
Wed, 30 Aug 2023 23:01:28 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A516
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Lx-khuqRja__Wsnlxvgjw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=171258
accept-ranges
bytes
content-length
5606
expires
Fri, 01 Sep 2023 22:35:46 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame A516 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.126.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.94
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame A516
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=416317473
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=416317473
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
via
1.1 google
last-modified
Wed, 30 Aug 2023 23:01:28 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
via
1.1 google
last-modified
Wed, 30 Aug 2023 23:01:28 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=416317473
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame A516
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aWdla2c5NHQtenZTd2lQUGdpemlLTFNZUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8656571498206142987&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Server
44.209.220.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-220-96.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 23:01:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 30 Aug 2023 23:01:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame A516
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkNCQzdFOTItMUJBQS00NjM2LUJGRkQtNkIyNzk3MUJFMDhG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A516
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH8VRbqsYTXAnvti_3Yxmoo&google_cver=1
42 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH8VRbqsYTXAnvti_3Yxmoo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH8VRbqsYTXAnvti_3Yxmoo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A516 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 29 Aug 2023 23:01:28 GMT
generic
match.adsrvr.org/track/cmf/ Frame A516 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A516
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8656571498206142987
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8656571498206142987
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8656571498206142987
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
FCBC7E92-1BAA-4636-BFFD-6B27971BE08F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A516 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FCBC7E92-1BAA-4636-BFFD-6B27971BE08F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:f821:c088:dfda:b5f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame A516 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame 978C 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:29 GMT
an-x-request-uuid
05a196f5-a221-42d6-8712-15e5b72c667b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A516 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame A516 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65271980&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
b8736c6f3fa8a333ada54fa1a1a23521472cd1ffe1934ba0ce7c217dbba4ac8a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 30 Aug 2023 23:01:30 GMT
content-length
2046
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 53DE 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 30 Aug 2023 23:01:40 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B884
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=424240527290892259&gdpr=0&gdpr_consent=
42 B
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=424240527290892259&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
f3078e76-e393-4a9a-834a-2a29ab9b120e
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 23:01:31 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=424240527290892259&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.204.1.182; 185.204.1.182; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0694
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273254346710579352&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273254346710579352&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 30 Aug 2023 23:01:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273254346710579352&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 0B6D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fIJozsKJUHtfNylUxC2Yl7nMAbY&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fIJozsKJUHtfNylUxC2Yl7nMAbY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Aug 2023 23:01:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fIJozsKJUHtfNylUxC2Yl7nMAbY&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 5561
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO-KSwAAAeVJGwA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 30 Aug 2023 23:01:32 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230029-FRA
x-timer
S1693436492.212921,VS0,VE93

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Wed, 30 Aug 2023 23:01:31 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO-KSwAAAeVJGwA4
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230029-FRA
x-timer
S1693436492.874978,VS0,VE93
Pug
image2.pubmatic.com/AdServer/ Frame 5D01
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUad89c3b983ec46c4b8914f44f87a4c0a
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUad89c3b983ec46c4b8914f44f87a4c0a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 23:01:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUad89c3b983ec46c4b8914f44f87a4c0a
pragma
no-cache
server
Tengine
cookie-sync
match.prod.bidr.io/ Frame 5775
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIZHZrN0ozNVVBQUNVWDdzZllRUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAHdvk7J35UAACUX7sfYQQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7762118876420507108&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAHdvk7J35UAACUX7sfYQQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7762118876420507108%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7762118876420507108&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHdvk7...
0
0
setuid
sync.quantumdex.io/ Frame 9B03 		43 B
117 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ff0a7f94e7b4c7f-HEL
content-length
43
content-type
image/gif
date
Wed, 30 Aug 2023 23:01:31 GMT
server
cloudflare
mw
mwzeom.zeotap.com/ Frame A516 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7ff0a7f9ac5dd967-HEL
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame A516
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:45 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:45 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame A516
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d5079c8d1e37a0bd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
sync
x.bidswitch.net/ Frame A516
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084926952608988&expires=30&ssp=pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084926952608988&expires=30&ssp=pubmatic
Protocol
H2
Server
3.127.240.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-240-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:01:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084926952608988&expires=30&ssp=pubmatic
Date
Wed, 30 Aug 2023 23:01:31 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame A516 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 23:01:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame A516
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4457718765592940340&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4457718765592940340&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 23:01:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4457718765592940340&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 30 Aug 2023 23:01:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A516
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9368e341-7280-482d-80a4-39648b4fe900&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9368e341-7280-482d-80a4-39648b4fe900&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 23:01:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9368e341-7280-482d-80a4-39648b4fe900&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 30 Aug 2023 23:01:32 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
URL
https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7762118876420507108&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHdvk7J35UAACUX7sfYQQ&pid=558502&do=add&gdpr=0

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| documentPictureInPicture function| gtag object| dataLayer object| vitag function| $ function| jQuery object| yii object| webpackJsonp object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| pbTag function| getEidsByVLI object| ppocTag string| nativeAPI string| pbTagAPI object| ppocAPITag object| pbAPITag object| observeElementInViewport boolean| _clntTracking object| $sf object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _aps boolean| apstagLOADED object| apstag object| googletag object| ggeac object| google_js_reporting_queue object| apscustom undefined| google_measure_js_timing object| sas object| apntag object| _ADAGIO object| google_reactive_ads_global_state number| google_unique_id object| pbjs function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| GoogleGcLKhOms object| pbnTag string| pbnAPI object| pbnAPItag object| google_image_requests

91 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQmda4xaQxCgoI4gEQmda4xaQxCgoItAIQmda4xaQxCgoI5gEQmda4xaQxCgoIhwIQmda4xaQxCgkICRCZ1rjFpDEKCQg6EJnWuMWkMQoKCIwCEJnWuMWkMQoJCF8Qmda4xaQxCgkIHxCZ1rjFpDE=
pastebin.com/ Name: _csrf-frontend
Value: 03e8316c59db30136cb829cf44ed4bf13ca7481147a64a2081cb0fe28947f3cea%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22zPYcod8EHd_hGU5MfuGsh4cGDPMY6X5R%22%3B%7D
.pastebin.com/ Name: _ga_S72LBY47R8
Value: GS1.1.1693436483.1.0.1693436483.0.0.0
.pastebin.com/ Name: _ga
Value: GA1.1.521790050.1693436484
pastebin.com/ Name: __ppIdCC
Value: pwatevib_xon210.3430483887
pastebin.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.pastebin.com/ Name: sharedid
Value: 0d14102b-9a50-422c-82ce-9993c0cb38ab
.script.ac/ Name: __cf_bm
Value: LjT_tHdXOnHWN_qAXnl4_aY0gQ5sTYbwUr4xldgSa10-1693436484-0-Ab4fyxxqbwteGEcu4N55hH3e0mxhHfeuHmTkaUFJIgQ24rh+voIzDIEqGFE4nrZOa+wr4au+98IBRuYXCN5qCr8=
.quantumdex.io/ Name: uid
Value: c8fdaff6-d39a-4486-82d3-1e9a7f044642
.go.sonobi.com/ Name: __uis
Value: da1d76b2-18a1-4c51-9d23-53bb228020e5
.go.sonobi.com/ Name: _usd_pastebin.com
Value: bab23176-4fab-4a1d-9b05-b135ac564b37
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 20901684
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 20901684
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 20901684
.adnxs.com/ Name: uuid2
Value: 424240527290892259
.adnxs.com/ Name: icu
Value: ChgI1YVfEAoYAiACKAIwxZS_pwY4AkACSAIQxZS_pwYYAQ..
.go.sonobi.com/ Name: HAPLB8G
Value: s85124|ZO/KS
.pastebin.com/ Name: connectId
Value: {"lastUsed":1693436485620,"lastSynced":1693436485620}
.doubleclick.net/ Name: IDE
Value: AHWqTUkl-QdzNKufEvdmcNipaRFM-TMcDrIP86-NwC8Z3MC6vDStT3I-Pd_Rj7yWid0
.criteo.com/ Name: uid
Value: b2855a24-9742-468b-b635-9a8abac993bc
.pastebin.com/ Name: __gads
Value: ID=a78d114c6549a519:T=1693436485:RT=1693436485:S=ALNI_Masbje_M56RlkiCnXazzq65ueWbpg
.pastebin.com/ Name: __gpi
Value: UID=00000c6b97579b50:T=1693436485:RT=1693436485:S=ALNI_MY73tYWLaBBpmD8qykzZ8BnpjyExw
.pastebin.com/ Name: cto_bundle
Value: Dx7Z1F9XbmRCbEE4VDA0RWkzUUptcGM5Z0RJT0ZDQmhRcGpteUFJUGQ4cmFIdTI0SmpEMG1XUWhIN1lkMzB4UlJhWHNLM3BObENoQSUyRiUyQjFHSlJCRGQlMkJxTXF2TjJyVklzY0ptQ0VoJTJCVmVMazU1SzdkOG42UnBKTEd6U1JqUUNTQm9zYWklMkIzQU5UJTJGMzRNaTIwMWh6ejB0TW12NmclM0QlM0Q
.bing.com/ Name: MUID
Value: 0A6062C747B863E5037171BA46656286
.doubleclick.net/ Name: DSID
Value: NO_DATA
.turn.com/ Name: uid
Value: 4457718765592940340
.3lift.com/ Name: tluid
Value: 4337729530732017924958
.demdex.net/ Name: demdex
Value: 70317096238498624113794931998630802520
.bluekai.com/ Name: bku
Value: rlQ99WMvftxF2M6u
.bluekai.com/ Name: bkpa
Value: KJy91ye1d02pSUHknp1ymE9lwtkAwVHC1VxlBZ/0nEWTREW+Bs1N1u68je/pnEDpRZ/01MQy1MOkBx19qCGBUx==
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: b7fe8a0a-186c-52f3-b9b7-907fdd585a37
.betweendigital.com/ Name: ss
Value: 1
.casalemedia.com/ Name: CMID
Value: ZO-KSLGSBrnJCrP3qXO8RQAA
.casalemedia.com/ Name: CMPS
Value: 5169
.casalemedia.com/ Name: CMPRO
Value: 5169
.ads.pubmatic.com/ Name: KCCH
Value: YES
.dpm.demdex.net/ Name: dpm
Value: 70317096238498624113794931998630802520
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.betweendigital.com/ Name: ut
Value: ZO_KSAAIbECtD0WxpJsNB2HI40l2Dl4d5yNa_g==
x.videobyte.com/ Name: vbxuid
Value: cf8c59de-a379-40d2-a293-c5d9a5bc15b6
.bidswitch.net/ Name: c
Value: 1693436488
.bidswitch.net/ Name: tuuid_lu
Value: 1693436488
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrM0NTIzsLC0sBDiM9T1zE1MdDO3iA_LcQ0GAJmaOiclAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtoZmlsYmxmYmFhamEMAI8UK2AQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrM0NTIzsLC0sBDiM9T1zE1MdDO3iA_LcQ0GAJmaOiclAAAA
.bidswitch.net/ Name: tuuid
Value: d23b3493-e95c-4684-8c90-5dfa11688cf5
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-cea27d48-e082-3e52-91da-12c4fe24bb16
.mfadsrvr.com/ Name: tuuid
Value: 700a05bc-23d8-42c1-98b5-8b83adc400eb
.mfadsrvr.com/ Name: c
Value: 1693436488
.mfadsrvr.com/ Name: tuuid_lu
Value: 1693436488
.creativecdn.com/ Name: u
Value: IZAB1KhSu9MmI8Mf5yra
.creativecdn.com/ Name: ts
Value: 1693436488
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FCBC7E92-1BAA-4636-BFFD-6B27971BE08F
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1694563200%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1694563200%3A8_71_220_13_54_56_21_251%7C1694649600%3A35%7C1693958400%3A223
.c.bing.com/ Name: MR
Value: 0
.mfadsrvr.com/ Name: ssh
Value: !sonobi,1693436488
.quantserve.com/ Name: d
Value: EIMBCwHqKfijAA
.quantserve.com/ Name: mc
Value: 64efca48-bd267-10c5f-72f1e
.weborama.fr/ Name: AFFICHE_W
Value: Evngvvq2TR8S16
.linkedin.com/ Name: bcookie
Value: "v=2&6cbffe39-dfa4-44d9-820d-f47c5021d3bf"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTM0MzY0ODg7MjswMjHHnUKdzSfQQWPmnZs4qZQxCdLl/5+jhcUtj1mn1LNB2Q==
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2580:u=1:x=1:i=1693436488:t=1693522888:v=2:sig=AQGfd0P_hEHT60QhgriQL-sGzvVgokHS"
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 45CDF0644E8A43A481A9CD8FF6358EC7
.adform.net/ Name: uid
Value: 8656571498206142987
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6cdd5cbc8441db71
.bidr.io/ Name: bito
Value: AAHdvk7J35UAACUX7sfYQQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEH8VRbqsYTXAnvti_3Yxmoo&KRTB&23025-CAESEH8VRbqsYTXAnvti_3Yxmoo&KRTB&23386-CAESEH8VRbqsYTXAnvti_3Yxmoo
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-DK77zVn7qpMX-PqZDK2zmgr5q80XrazNC_8p977w&KRTB&19420-DK77zVn7qpMX-PqZDK2zmgr5q80XrazNC_8p977w&KRTB&22979-DK77zVn7qpMX-PqZDK2zmgr5q80XrazNC_8p977w&KRTB&23403-DK77zVn7qpMX-PqZDK2zmgr5q80XrazNC_8p977w
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8656571498206142987&KRTB&23263-8656571498206142987&KRTB&23481-8656571498206142987
.pubmatic.com/ Name: PugT
Value: 1693436488
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A63LHEy5zU1Vut828I5PQYM
.audrte.com/ Name: arcki2
Value: igekg94t-zvSwiPPgiziKLSYQ!20220908!1693436489239!ip#185.204.1.182
.audrte.com/ Name: arcki2_pubmatic
Value: FCBC7E92-1BAA-4636-BFFD-6B27971BE08F!20220908!1693436489242
.audrte.com/ Name: arcki2_ddp2
Value: igekg94t-zvSwiPPgiziKLSYQ!20220908!1693436489465
.audrte.com/ Name: arcki2_adform
Value: 8656571498206142987!20220908!1693436489691

6 Console Messages

Source Level URL
Text
deprecation warning URL: https://script.4dex.io/localstore.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security error URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js(Line 3)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://pastebin.com') does not match the recipient window's origin ('https://bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com').
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=da1d76b2-18a1-4c51-9d23-53bb228020e5
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=da1d76b2-18a1-4c51-9d23-53bb228020e5
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FCBC7E92-1BAA-4636-BFFD-6B27971BE08F&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
adsdk.microsoft.com
adsystem.pocpoc.io
ams3-ib.adnxs.com
ap.lijit.com
apex.go.sonobi.com
assets.vlitag.com
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cadmus.script.ac
cdn.adnxs.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
connectid.analytics.yahoo.com
cr.frontend.weborama.fr
creativecdn.com
crypto.refund.gift
cs-server-s2s.yellowblue.io
csi.gstatic.com
d.turn.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.vlitag.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
lb.eu-1-id5-sync.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
match.sharethrough.com
mcdp-nydc1.outbrain.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
odb.outbrain.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pastebin.com
pixel.onaudience.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prg-apac.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.pocpoc.io
px.vliplatform.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
script.4dex.io
securepubads.g.doubleclick.net
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssl-market-east.smrtb.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
static.vliplatform.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.quantumdex.io
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
tags.bluekai.com
targeting.unrulymedia.com
tpc.googlesyndication.com
u.ipw.metadsp.co.uk
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
widgets.outbrain.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.videobyte.com
bcf555ce78e95827ba1b21445caa50f3.safeframe.googlesyndication.com
match.bnmla.com
match.prod.bidr.io
ssl-market-east.smrtb.com
103.132.192.30
141.226.228.48
141.95.33.111
141.95.98.64
142.250.186.162
146.75.118.132
15.197.193.217
15.235.15.221
151.101.130.49
151.101.193.108
159.89.246.130
178.250.1.11
178.250.7.11
18.65.37.219
184.30.16.183
184.30.16.195
184.30.17.67
184.30.25.193
185.184.8.90
185.64.190.80
185.80.39.216
185.86.138.122
185.89.210.180
188.166.17.21
188.42.34.65
193.0.160.130
198.47.127.19
198.47.127.20
198.47.127.205
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
216.52.2.16
23.192.153.172
23.218.209.56
2600:9000:2104:e00:10:dd8:5e40:93a1
2600:9000:25e8:ba00:1b:5138:8a40:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:2460
2606:4700:10::6816:3556
2606:4700:10::ac43:15e3
2606:4700:10::ac43:22aa
2606:4700:20::681a:9a9
2606:4700:20::681a:ea7
2606:4700:20::681a:fa7
2606:4700:3030::6815:5286
2606:4700::6810:5914
2606:4700::6812:1691
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4009:827::2003
2a02:2638:3::3
2a02:2638:d::d
2a02:26f0:3500:1b::1724:a39e
2a02:fa8:8806:20::2010
2a05:d018:d29:3605:f821:c088:dfda:b5f7
2a06:98c1:3121::3
3.120.67.215
3.127.240.172
3.139.248.229
3.215.105.116
3.71.149.231
3.78.17.163
34.111.129.221
34.252.126.23
34.254.142.64
34.95.81.168
34.98.64.218
35.204.158.49
35.210.239.72
37.157.6.232
44.194.237.52
44.209.220.96
46.228.174.115
46.228.174.117
51.75.86.98
52.222.136.109
52.31.195.171
52.46.143.56
52.54.83.136
52.95.126.160
54.160.104.91
69.166.1.64
69.166.1.67
70.42.32.255
76.223.111.18
77.243.51.122
77.245.57.72
82.145.213.8
85.114.159.118
95.215.19.22
00a977db5aae07efccac3bd5499dcbd00c32d55e4637d7a2c41eefd3b31642e9
03a4b8eeed06bd5b9c5a4a3f160407a0417175cc2068df1a2a37b67b821c0e8c
069463cfd3992703de4e91875500ad5b526f6ced3f8292ed128dbee27e0f8baa
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a31fb51092b5be28b0d96e4b8a6a39c6cfe0dcd6ece71604fdc1feb505d074
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5838b2fb18c10eeacf99b5ad4dd7e7f582e30fffb85b60396fd57ded32c099
0e1bf559a0ff2b782db1ed3d774b6bf1379c4cfef4fbca73cf0d046da0b27c18
0f8b342822ef1fa6a4a38d2d7921508eba2f06150762e3536a9949d8d7cf7b3f
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
13cab0df552f1768ae09eba114555352e2156c6677acd146cf09fdf24e68c476
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
162e8d815d4d0e60df21f948615c3bfd1158cf5e02b0ddca947ec7f05e54917f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18eae1725625fae05d69d9ec843ea6bcdbb7ceef86d4cb26bd117d1dfeed0cce
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b38d0ab727fb6cd8cac46b1055dd9578921325977e116bd7366329c87589fde
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c7c702f9e4dd44489b85ebde8d59607abc374614785d1a2eb64375a12586850
1dbdedbe9f4296e295c5293ffe154fd7a1d66b1a6df7362c57b4e25fe0e32683
24b6349f296a120f3b0a1934462bb43f3b83b7eac66cc0f8bb0cc5d7cfde103f
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a81b08ae46ab488d3c92bdb3ef9b48c32240ec53fb1e22a9e2bc016ae77bc58
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b75d258cfb2b76189fc5f2afbb188ee4b7bf4debbe73f52808c24ffc9516360
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332fe127faccfee262d5942df6721ba63712c60c5fbf6e8895689df79211146b
3a0173182211c356718cc39291f5753a21fefe7422665f2bcd2a2798e02e846b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e2c5ee3e670df454c774cd417f12f4ca3083db68091f9184fb29efd2af4877b
3e602bf5cbc6b2715d4cb4d1d17414b038387f971de019e2791d55e8bf23059e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441f4b2c8ce22e54955155f09aca309ceb06fbb62e9fcbc77ae5a3f92cd543c3
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47c359fa4ca682753ad454534137b378a07a44fea8530ed97b2661e4fc50ac6e
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
52f446ee6e09a91773def9116ceeefca04f029963b24a9599c8ffb861750f071
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d62bda1c56b4ae634d447d3a1c739110c42d0c375d9a17f7b3782472a6ccd1
5714fa5a5c32c8021aa597e7469488a8d0f726fff911b73504a777187d2dc66f
5d06ee8f4e1e170d57bb74abe6e8b5f49a5ac6d37b070ee8af39807293554623
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e2289a18eea3d5f113620a2de810b5cabda17664e82c4a27f39be7c038bd479
5ff466857c3492bc9b5c0bfeaef7797f107581a0c387ff6e1ac3314e2b084a40
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7aeb0a6d829e379c2933a0ba74f90f2f19e930449b52a5660869408c5307cd
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6dbd608af559af404e04c35ac75d74c4a1af00e368f44fc3ac5d49cc6c5b3ab1
703d23efcb49183ab7f2795739f547fcd42c3d73e77f47b6c614892bb6666cea
705d4c9f7c4f6624847b955adacc53eabf960fc8b1d0d1a9659973df8eea9250
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
7cc2ea3e7a0c3454ef0a765a4b78df2281ecd2a5bc5b6ba8a10b1f4191878a0e
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
7f494312dd58dd6d0a14eaa75c5a8b438827f919577f62a9d86f9048c91af7f6
82b4ce65fe73d9405d67b5bd0b3a63512146e008c01a2b3ce4e7bc2844173a0b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83663508e7a30ec49d105e45cd74305f82fbcf2e11c4be1d67093e0fa010498c
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8774dde16f1ae45a9125b8689f96cf18a14207ae1d31ba4e584a2ce95f94e041
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89f6780a679f814dde634d3c40c0cf83ff72c1d92f679e9264f2badf04e504a3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9180aa99333f10f5819a5930e04b86f2486dd7baab33118a3c6404ee8817a076
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
997c1edccbce5605ebf278a7bb33190eaa1f206b713ff84203c9bd2263fdc4e5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9d790d8d644d85ba75095d8bce6dc947331745cf9fe0187d7b564505ffd41e53
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3891516eac37b544defce025a602d15f0a2abeb9355916e93c0a08facc48fef
a4a9041a1536f8484c9f0275cb095633f476d0f83c033864b8730d07edabfe82
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5531a7467f0e324959b8c056c8ada8709116598b07d560936ff787ad7d5818b
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a74997f0155844938773df077bcc37a8ae3af5227a6b2f3505c1daeb13ee0dd6
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b8736c6f3fa8a333ada54fa1a1a23521472cd1ffe1934ba0ce7c217dbba4ac8a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be0e28ff58a9be2926636e25b47f11c920060dae7621798dbe74a77df65f8599
c0445a6eeac22daf4096fb8c0d53b36a26a9e78b2a0295b0f4305aedaa40808d
c06abb80cbaf1071aecf372afa599f62f2fb0447efe6a74a1d5a18ce90d21f06
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c81f14e2bb3209ad75981c1843043f0a465d4c090f2313d0aa5398a7767ca9ba
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d12843580d3c46c9238c6fcb5ebeade90efc3b794562c14398dd544997e0bbef
d45d1b49b5918ea0ffa0b3d119995b96b558147f618f0ea1897906252be7bcb4
d58fcea732b394fa05cd706c882fb445f5225b170f9790f8c5d88a73438b8ca6
d610287a0f05f5dfa5e8bc8ad786f5755467dccb9067876cb7261782eda6060a
d7aee5871211604e24ffbaf5cc5d2c3f3e737be1362e829cd75250aef1e939a5
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e740fafe0846a5510c7031ea581cf1547da3ca2c9fdf56b63bbf5f2d47d7ebad
e883a277132916576be85df21d216a2689dbc586d66ab57c479fcc0e155612ba
e89bc9e803a3b4095a12b4cec38d4746853cfba41ba89a4086d0d2d131825045
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcc8eae121aad50b24a014f5ddf5c02f62bff6f0b7169b992ad8467408b943a8
fddb768ec70f8446c05d88b5d7f638344b3d874f4186f71a23a564d4403b59f2