urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
88.208.215.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/3t5ilv84
Submission: On November 01 via manual from GB — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 93 IPs in 13 countries across 108 domains to perform 509 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 215717.
TLS certificate: Issued by R3 on September 14th 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 88.208.215.108 8560 (IONOS-AS ...)
2 172.217.16.202 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 104.21.63.106 13335 (CLOUDFLAR...)
1 104.21.28.48 13335 (CLOUDFLAR...)
1 142.250.186.36 15169 (GOOGLE)
3 142.250.184.200 15169 (GOOGLE)
1 172.67.144.62 13335 (CLOUDFLAR...)
31 3.69.213.60 16509 (AMAZON-02)
1 142.250.186.99 15169 (GOOGLE)
4 172.217.16.195 15169 (GOOGLE)
2 142.250.184.206 15169 (GOOGLE)
27 172.64.136.15 13335 (CLOUDFLAR...)
34 142.250.186.66 15169 (GOOGLE)
3 2.18.96.187 16625 (AKAMAI-AS)
24 142.250.184.226 15169 (GOOGLE)
3 216.239.34.36 15169 (GOOGLE)
5 172.64.137.15 13335 (CLOUDFLAR...)
2 104.26.8.169 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 178.250.1.8 44788 (ASN-CRITE...)
3 145.40.97.67 54825 (PACKET)
8 52 51.89.9.253 16276 (OVH)
1 16 104.22.68.131 13335 (CLOUDFLAR...)
7 52.19.46.203 16509 (AMAZON-02)
7 3.127.161.184 16509 (AMAZON-02)
28 3.248.171.173 16509 (AMAZON-02)
10 13 185.89.210.101 29990 (ASN-APPNEX)
1 185.106.140.18 7979 (SERVERS-COM)
2 104.16.88.20 13335 (CLOUDFLAR...)
11 142.250.185.194 15169 (GOOGLE)
1 18.66.97.14 16509 (AMAZON-02)
1 108.156.47.119 16509 (AMAZON-02)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
3 178.250.1.3 44788 (ASN-CRITE...)
1 65.9.66.122 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 142.250.185.161 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
1 104.18.22.145 13335 (CLOUDFLAR...)
1 5 104.18.41.104 13335 (CLOUDFLAR...)
1 8 172.64.146.152 13335 (CLOUDFLAR...)
4 8 3.71.149.231 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
4 178.250.1.11 44788 (ASN-CRITE...)
1 172.67.23.234 13335 (CLOUDFLAR...)
3 162.19.138.117 16276 (OVH)
1 34.250.99.225 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
1 172.64.98.39 13335 (CLOUDFLAR...)
1 13.107.21.200 8068 (MICROSOFT...)
3 7 185.86.139.102 201081 (SMARTADSE...)
14 15.197.193.217 16509 (AMAZON-02)
5 15 69.173.144.138 26667 (RUBICONPR...)
2 18.194.76.100 16509 (AMAZON-02)
2 178.250.1.9 44788 (ASN-CRITE...)
5 185.29.132.245 30419 (MEDIAMATH...)
5 7 69.173.144.139 26667 (RUBICONPR...)
5 5 193.108.153.18 20940 (AKAMAI-ASN1)
12 19 142.250.186.34 15169 (GOOGLE)
7 35.244.174.68 15169 (GOOGLE)
4 209.54.182.161 16509 (AMAZON-02)
17 21 185.64.190.79 62713 (AS-PUBMATIC)
16 18 52.58.92.77 16509 (AMAZON-02)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
5 5 46.228.174.117 56396 (AMOBEE)
2 2 46.228.164.11 56396 (AMOBEE)
2 198.47.127.19 3257 (GTT-BACKB...)
2 34.254.54.88 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 3 34.240.22.214 16509 (AMAZON-02)
1 108.138.26.48 16509 (AMAZON-02)
7 7 52.49.166.237 16509 (AMAZON-02)
3 3 70.42.32.63 13789 (INTERNAP-...)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
15 19 185.64.191.210 62713 (AS-PUBMATIC)
4 4 54.209.88.56 14618 (AMAZON-AES)
1 100.26.105.189 14618 (AMAZON-AES)
5 5 203.195.121.141 7979 (SERVERS-COM)
1 1 167.235.184.171 24940 (HETZNER-AS)
2 216.52.2.30 30282 (AS-INAPCD...)
2 192.132.33.69 18568 (BIDTELLECT)
3 3 23.60.204.187 16625 (AKAMAI-AS)
6 23.218.210.30 16625 (AKAMAI-AS)
1 162.19.138.83 16276 (OVH)
3 5 185.86.138.152 201081 (SMARTADSE...)
3 34.98.64.218 396982 (GOOGLE-CL...)
1 3 52.95.125.22 16509 (AMAZON-02)
2 2 91.228.74.200 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 18.158.152.62 16509 (AMAZON-02)
1 2 151.101.66.49 54113 (FASTLY)
1 1 82.145.213.8 39832 (NO-OPERA)
2 72.251.245.179 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 195.5.165.20 44968 (IPROM-AS)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
1 54.152.141.210 14618 (AMAZON-AES)
1 35.204.158.49 396982 (GOOGLE-CL...)
4 4 37.157.5.133 198622 (ADFORM)
1 198.47.127.20 3257 (GTT-BACKB...)
2 2 98.98.134.241 21859 (ZEN-ECN)
4 4 64.158.223.140 41041 (VCLK-EU-SE)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 76.223.111.18 16509 (AMAZON-02)
2 2 3.120.46.47 16509 (AMAZON-02)
2 216.58.206.34 15169 (GOOGLE)
3 4 138.201.8.249 24940 (HETZNER-AS)
1 1 8.2.108.194 46636 (NATCOWEB)
1 1 37.157.5.132 198622 (ADFORM)
1 35.205.65.172 396982 (GOOGLE-CL...)
2 34.95.69.49 396982 (GOOGLE-CL...)
509 93
13    88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
pastelink.net
2    172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f202.1e100.net
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.21.63.106 (None, )

ASN13335 (CLOUDFLARENET, US)
www.ezojs.com
1    104.21.28.48 (None, )

ASN13335 (CLOUDFLARENET, US)
the.gatekeeperconsent.com
1    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
3    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
1    172.67.144.62 (United States)

ASN13335 (CLOUDFLARENET, US)
privacy.gatekeeperconsent.com
31    3.69.213.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
g.ezoic.net
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.gstatic.com
4    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net
fonts.gstatic.com
2    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
www.google-analytics.com
27    172.64.136.15 (United States)

ASN13335 (CLOUDFLARENET, US)
g.ezodn.com
go.ezodn.com
34    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2.18.96.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
24    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
3    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    172.64.137.15 (United States)

ASN13335 (CLOUDFLARENET, US)
bshr.ezodn.com
go.ezodn.com
2    104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
52    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
16    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
7    52.19.46.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-46-203.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
7    3.127.161.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-161-184.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
28    3.248.171.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
visitor-eu-west-1.omnitagjs.com
13    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
2    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
11    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads.g.doubleclick.net
www.googletagservices.com
1    18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-14.fra56.r.cloudfront.net
connectid.analytics.yahoo.com
1    108.156.47.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-47-119.lhr50.r.cloudfront.net
cdn.prod.uidapi.com
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
49f5040f1a78f8f1412e6eb85e884369.safeframe.googlesyndication.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
partner.googleadservices.com
1    104.18.22.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
5    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
8    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
cds.connatix.com
8    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
4    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
3    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    34.250.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    172.64.98.39 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
14    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
15    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    18.194.76.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-76-100.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
5    193.108.153.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
19    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
7    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
21    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
18    52.58.92.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-92-77.eu-central-1.compute.amazonaws.com
x.bidswitch.net
aws-fr-sync.bidswitch.net
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    34.254.54.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-54-88.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    34.240.22.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-22-214.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    108.138.26.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-48.fra56.r.cloudfront.net
api-2-0.spot.im
7    52.49.166.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-166-237.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
19    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
4    54.209.88.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-88-56.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    100.26.105.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-105-189.compute-1.amazonaws.com
jadserve.postrelease.com
5    203.195.121.141 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
2    216.52.2.30 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    192.132.33.69 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.69.bidtellect.com
bttrack.com
3    23.60.204.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-204-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
5    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
3    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    85.114.159.118 (Mössingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    18.158.152.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-152-62.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    54.152.141.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-141-210.compute-1.amazonaws.com
a.audrte.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
4    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
rubicon-match.dotomi.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.120.46.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-46-47.eu-central-1.compute.amazonaws.com
ghent-aws-fr.bidswitch.net
2    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
adx.g.doubleclick.net
4    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
1    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    35.205.65.172 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.65.205.35.bc.googleusercontent.com
cookiesync.api.bliink.io
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
Apex Domain
Subdomains		 Transfer
63 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
adx.g.doubleclick.net — Cisco Umbrella Rank: 2427
388 KB
52 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
75 KB
47 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
image8.pubmatic.com — Cisco Umbrella Rank: 662
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com Failed
211 KB
32 ezodn.com
g.ezodn.com — Cisco Umbrella Rank: 11555
go.ezodn.com — Cisco Umbrella Rank: 8931
bshr.ezodn.com — Cisco Umbrella Rank: 10279
306 KB
31 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
52 KB
31 ezoic.net
g.ezoic.net — Cisco Umbrella Rank: 15132
27 KB
28 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
visitor-eu-west-1.omnitagjs.com — Cisco Umbrella Rank: 30335
12 KB
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
49f5040f1a78f8f1412e6eb85e884369.safeframe.googlesyndication.com
tpc.googlesyndication.com Failed
329 KB
20 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 12914
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 29766
7 KB
16 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
18 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
2 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
27 KB
13 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
cd.connatix.com — Cisco Umbrella Rank: 3425
cds.connatix.com — Cisco Umbrella Rank: 3536
vid.connatix.com Failed
lit.connatix.com Failed
616 KB
13 pastelink.net
pastelink.net — Cisco Umbrella Rank: 215717
347 KB
12 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
4 KB
12 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
12 KB
9 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 984
match.sharethrough.com — Cisco Umbrella Rank: 559
5 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
4 KB
7 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
7 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
static.yieldmo.com Failed
11 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
dis.criteo.com — Cisco Umbrella Rank: 597
ssp-sync.criteo.com Failed
8 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
cm.adform.net — Cisco Umbrella Rank: 1267
3 KB
5 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
4 KB
5 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
3 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
2 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
eu-u.openx.net — Cisco Umbrella Rank: 2753
us-u.openx.net — Cisco Umbrella Rank: 522
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
246 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1851
1 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
rubicon-match.dotomi.com — Cisco Umbrella Rank: 2310
1 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
4 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
id.crwdcntrl.net — Cisco Umbrella Rank: 2498
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
14 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
32 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
178 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.nl3.eu.criteo.net Failed
76 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
410 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
255 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
104 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
497 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
565 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
766 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1010 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
252 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
277 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
683 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
952 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
3 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
26 KB
2 gatekeeperconsent.com
the.gatekeeperconsent.com — Cisco Umbrella Rank: 35848
privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 42177
9 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com Failed
2 KB
1 bliink.io
cookiesync.api.bliink.io — Cisco Umbrella Rank: 10511
174 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3060
as.ck-ie.com Failed
496 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
140 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
610 B
1 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
111 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
795 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
369 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
554 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6560
347 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
273 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
390 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
534 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2826
457 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
481 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
699 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 12205
3 KB
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
349 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
47 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
607 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
ssc-cms.33across.com Failed
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9542
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 ezojs.com
www.ezojs.com — Cisco Umbrella Rank: 27048
45 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
1 KB
0 casalemedia.com Failed
dsum-sec.casalemedia.com Failed
ssum.casalemedia.com Failed
0 lkqd.net Failed
cs.lkqd.net Failed
0 yieldlab.net Failed
ad.yieldlab.net Failed
0 smartclip.net Failed
ad.sxp.smartclip.net Failed
0 gumgum.com Failed
usersync.gumgum.com Failed
0 2mdn.net Failed
s0.2mdn.net Failed
0 aniview.com Failed
sync.aniview.com Failed
0 blismedia.com Failed
tr.blismedia.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 yahoo.net Failed
hb.yahoo.net Failed
0 primis.tech Failed
live.primis.tech Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 vidoomy.com Failed
vid.vidoomy.com Failed
0 smartstream.tv Failed
ads.smartstream.tv Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 a-mx.com Failed
id.a-mx.com Failed
509 108
Domain Requested by
52 onetag-sys.com 8 redirects go.ezodn.com
onetag-sys.com
visitor.omnitagjs.com
ads.pubmatic.com
pastelink.net
csync.smilewanted.com
34 securepubads.g.doubleclick.net pastelink.net
securepubads.g.doubleclick.net
www.googletagservices.com
cd.connatix.com
31 g.ezoic.net www.ezojs.com
go.ezodn.com
29 go.ezodn.com pastelink.net
go.ezodn.com
24 pagead2.googlesyndication.com pastelink.net
pagead2.googlesyndication.com
onetag-sys.com
googleads.g.doubleclick.net
go.ezodn.com
www.googletagservices.com
21 image8.pubmatic.com 17 redirects onetag-sys.com
ads.pubmatic.com
19 cm.g.doubleclick.net 12 redirects onetag-sys.com
ssbsync.smartadserver.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
18 visitor-eu-west-1.omnitagjs.com visitor.omnitagjs.com
ads.pubmatic.com
17 x.bidswitch.net 15 redirects onetag-sys.com
14 match.adsrvr.org pastelink.net
onetag-sys.com
ads.yieldmo.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
ads.pubmatic.com
google-bidout-d.openx.net
13 pastelink.net pastelink.net
11 simage2.pubmatic.com 7 redirects visitor.omnitagjs.com
onetag-sys.com
ads.pubmatic.com
11 pixel.rubiconproject.com 4 redirects onetag-sys.com
visitor.omnitagjs.com
9 csync.smilewanted.com 1 redirects go.ezodn.com
ads.yieldmo.com
csync.smilewanted.com
onetag-sys.com
9 visitor.omnitagjs.com go.ezodn.com
visitor.omnitagjs.com
onetag-sys.com
ssbsync.smartadserver.com
9 ib.adnxs.com 6 redirects go.ezodn.com
acdn.adnxs.com
8 image2.pubmatic.com 8 redirects
8 ups.analytics.yahoo.com 4 redirects connectid.analytics.yahoo.com
go.ezodn.com
onetag-sys.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
onetag-sys.com
go.ezodn.com
7 match.prod.bidr.io 7 redirects
7 id.rlcdn.com onetag-sys.com
visitor.omnitagjs.com
7 pixel-eu.rubiconproject.com 5 redirects onetag-sys.com
7 cds.connatix.com pastelink.net
cd.connatix.com
cds.connatix.com
7 btlr.sharethrough.com go.ezodn.com
7 ads.yieldmo.com go.ezodn.com
ads.yieldmo.com
6 eus.rubiconproject.com visitor.omnitagjs.com
eus.rubiconproject.com
6 prebid.smilewanted.com go.ezodn.com
5 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
5 ads.betweendigital.com 5 redirects
5 ssbsync-global.smartadserver.com 3 redirects onetag-sys.com
5 ads.stickyadstv.com 5 redirects
5 sync.mathtag.com onetag-sys.com
5 capi.connatix.com 1 redirects pastelink.net
visitor.omnitagjs.com
cds.connatix.com
cd.connatix.com
4 token.rubiconproject.com 1 redirects eus.rubiconproject.com
visitor.omnitagjs.com
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 c1.adform.net 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 secure.adnxs.com 4 redirects
4 sync.1rx.io 4 redirects
4 s.amazon-adsystem.com onetag-sys.com
4 gum.criteo.com go.ezodn.com
static.criteo.net
gum.criteo.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.googletagservices.com securepubads.g.doubleclick.net
3 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
google-bidout-d.openx.net
3 secure-assets.rubiconproject.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 id5-sync.com go.ezodn.com
cdn.id5-sync.com
3 static.criteo.net securepubads.g.doubleclick.net
go.ezodn.com
static.criteo.net
3 prebid.a-mo.net go.ezodn.com
visitor.omnitagjs.com
3 region1.google-analytics.com www.googletagmanager.com
3 ads.pubmatic.com pastelink.net
go.ezodn.com
ads.pubmatic.com
3 www.googletagmanager.com pastelink.net
www.googletagmanager.com
www.google-analytics.com
2 rubicon-match.dotomi.com 2 redirects
2 i.clean.gg cadmus.script.ac
2 adx.g.doubleclick.net pastelink.net
2 ghent-aws-fr.bidswitch.net 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 cm.adgrx.com ads.pubmatic.com
visitor.omnitagjs.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 bttrack.com visitor.omnitagjs.com
2 ap.lijit.com visitor.omnitagjs.com
csync.smilewanted.com
2 ads.playground.xyz 2 redirects
2 creativecdn.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 ad.turn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 dis.criteo.com pastelink.net
ads.pubmatic.com
2 match.sharethrough.com pastelink.net
visitor.omnitagjs.com
2 ssbsync.smartadserver.com pastelink.net
visitor.omnitagjs.com
2 oajs.openx.net 1 redirects pastelink.net
2 cdn.jsdelivr.net ads.pubmatic.com
securepubads.g.doubleclick.net
2 script.4dex.io go.ezodn.com
script.4dex.io
2 bshr.ezodn.com go.ezodn.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com pastelink.net
1 cookiesync.api.bliink.io csync.smilewanted.com
1 cm.adform.net 1 redirects
1 us.ck-ie.com 1 redirects
1 us-u.openx.net google-bidout-d.openx.net
1 eu-u.openx.net google-bidout-d.openx.net
1 aws-fr-sync.bidswitch.net 1 redirects
1 eb2.3lift.com adxbid.info
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 a.audrte.com ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 static.smilewanted.com csync.smilewanted.com
1 lb.eu-1-id5-sync.com go.ezodn.com
1 inv-nets.admixer.net 1 redirects
1 jadserve.postrelease.com visitor.omnitagjs.com
1 api-2-0.spot.im visitor.omnitagjs.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 sync.targeting.unrulymedia.com 1 redirects csync.smilewanted.com
1 c.bing.com pastelink.net
1 adxbid.info go.ezodn.com
1 acdn.adnxs.com go.ezodn.com
1 id.crwdcntrl.net go.ezodn.com
1 id.hadron.ad.gt go.ezodn.com
1 cd.connatix.com 1 redirects
1 cadmus.script.ac script.4dex.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 49f5040f1a78f8f1412e6eb85e884369.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 rtb.adxpremium.services go.ezodn.com
1 hb-api.omnitagjs.com go.ezodn.com
1 bidder.criteo.com go.ezodn.com
1 hbopenbid.pubmatic.com go.ezodn.com
1 g.ezodn.com pastelink.net
1 www.gstatic.com www.google.com
1 privacy.gatekeeperconsent.com the.gatekeeperconsent.com
1 www.google.com pastelink.net
1 the.gatekeeperconsent.com pastelink.net
1 www.ezojs.com pastelink.net
1 cdnjs.cloudflare.com pastelink.net
0 csm.nl3.eu.criteo.net Failed gum.criteo.com
0 imasdk.googleapis.com Failed cd.connatix.com
0 lit.connatix.com Failed cd.connatix.com
0 vid.connatix.com Failed cd.connatix.com
0 ssum.casalemedia.com Failed adxbid.info
0 dsum-sec.casalemedia.com Failed googleads.g.doubleclick.net
0 cs.lkqd.net Failed googleads.g.doubleclick.net
0 ad.yieldlab.net Failed googleads.g.doubleclick.net
0 ad.sxp.smartclip.net Failed googleads.g.doubleclick.net
0 static.yieldmo.com Failed pastelink.net
srcdoc
0 usersync.gumgum.com Failed pastelink.net
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 tpc.googlesyndication.com Failed pastelink.net
0 s0.2mdn.net Failed pastelink.net
0 sync.aniview.com Failed visitor.omnitagjs.com
0 tr.blismedia.com Failed visitor.omnitagjs.com
0 match.deepintent.com Failed visitor.omnitagjs.com
0 sync.outbrain.com Failed visitor.omnitagjs.com
0 ssc-cms.33across.com Failed visitor.omnitagjs.com
0 pixel.tapad.com Failed visitor.omnitagjs.com
0 hb.yahoo.net Failed visitor.omnitagjs.com
0 live.primis.tech Failed visitor.omnitagjs.com
0 sync.ipredictive.com Failed visitor.omnitagjs.com
0 px.ads.linkedin.com Failed visitor.omnitagjs.com
0 vid.vidoomy.com Failed adxbid.info
0 as.ck-ie.com Failed adxbid.info
0 ssp-sync.criteo.com Failed csync.smilewanted.com
0 ads.smartstream.tv Failed googleads.g.doubleclick.net
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.adotmob.com Failed visitor.omnitagjs.com
0 csync.loopme.me Failed visitor.omnitagjs.com
ads.pubmatic.com
0 id.a-mx.com Failed go.ezodn.com
509 167

This site contains no links.

Subject Issuer Validity Valid
pastelink.net
R3		 2023-09-14 -
2023-12-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.ezojs.com
GTS CA 1P5		 2023-09-10 -
2023-12-09		 3 months crt.sh
gatekeeperconsent.com
GTS CA 1P5		 2023-10-31 -
2024-01-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
ezoic.net
R3		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
ezodn.com
E1		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
script.ac
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
adxbid.info
E1		 2023-10-07 -
2024-01-05		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.audrte.com
Amazon RSA 2048 M01		 2023-02-08 -
2024-03-08		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.api.bliink.io
GoGetSSL RSA DV CA		 2023-05-22 -
2024-06-21		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
connatix.com
GTS CA 1P5		 2023-09-05 -
2023-12-04		 3 months crt.sh

This page contains 62 frames:

Primary Page: https://pastelink.net/3t5ilv84
Frame ID: 29F1B09C6577E649C5126135405AE9EE
Requests: 191 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html
Frame ID: 2B3E4CFBDDB7E4ACDCACBE4021BD393A
Requests: 1 HTTP requests in this frame

Frame: https://49f5040f1a78f8f1412e6eb85e884369.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4EF3CD2F89B303432CF2FB1E2E74C31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=250&adk=1204883557&adf=2224284356&w=706&lmt=1698874227&rafmt=12&channel=4987320600&format=706x250&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698874226256&bpp=4&bdt=2482&idt=956&shv=r20231031&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&correlator=4533154427087&frm=20&pv=2&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532335%2C44798934%2C44805932%2C44807048%2C44807464%2C31078297&oid=2&pvsid=4190647440363764&tmod=2093918269&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=972
Frame ID: 456189B2696E6C43717FEEA229698824
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/368057/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Frame ID: 722B351D231EA3DD031AAB20710D4DB1
Requests: 10 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: E079FE56A7310C2B14F8077ADF4CC9CD
Requests: 6 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Frame ID: 1E5BE210D2724AB400D03E6849593BDE
Requests: 21 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 61DF7F0BE1FBA876D4115E3D6F23365E
Requests: 3 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 3BCB04D1433E643143AFB0B7C18FD66A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Frame ID: 72467E8475C12105970F4FDDD9DE426A
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1698874226426
Frame ID: 21BF435A43D8AB78F38A0B9456105DED
Requests: 15 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: F1A8D675F1437DD65FBC028E1863F791
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 8C1B13380E9D9C5AB7935A81C7A8FDF1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 3DD937EDC5EF2756E5BDE82D1173FB7B
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: B93B557AD13ED7FE148755D3C215AAFA
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: D0AAB6CB9F61FDCF2E543EC86BC5CE59
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: DF7D57D0F0222FDD414B8535EA2AE86A
Requests: 19 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: A7CB6932AB33B5C5E71A40B7CDC77AF7
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
Frame ID: C34338F324C3EAF2009F68402A9681B7
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A58876F6EE25B628EB9F65156339BE23
Requests: 6 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0443371610E45F5850AACC6946D679E6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B3ABD658-6510-47A0-8543-FE669B89DF5B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: AE6133CF0EF26512C747E0F41C312283
Requests: 1 HTTP requests in this frame

Frame: https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Frame ID: ADA9D73871DC506ECBF8F6BCEE3003DF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2393881630050333936&gdpr=0&gdpr_consent=
Frame ID: 3DAE50F1A18BE166F250BC88C2E629EF
Requests: 1 HTTP requests in this frame

Frame: https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Frame ID: B476D4BC117DA74D9950A9F7E6CAA9D8
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 800B3CA470D176888D2483F989D94795
Requests: 1 HTTP requests in this frame

Frame: https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Frame ID: ABBE80B2672D1FA6AB4A0624207F4CF2
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: CFFB84C6B605F7AC1AD13CD7B9E871BE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZULDeAAAArVjVAAU
Frame ID: 4907615F1AD20F9BC0899451D090DA1C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
Frame ID: 846BEEECB0B09B75298CE55DAD635564
Requests: 1 HTTP requests in this frame

Frame: https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Frame ID: 1B9164D95B4D7F6063920FB8DF4FB4D2
Requests: 1 HTTP requests in this frame

Frame: https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Frame ID: 27F3B8ED7A917D5EB7758C563D7EA4E5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B4035BC74B7EB2BD7D0418A90380D497
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 725D61D49C41816E14CD77AB5765C695
Requests: 1 HTTP requests in this frame

Frame: https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Frame ID: 2E9CD7D0CDB5723CE576F030497C5960
Requests: 1 HTTP requests in this frame

Frame: https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Frame ID: 60222D43D4F5FDFD690C0438EE21EB18
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 181B734BABFDE7EAF2B208979DDD3BEC
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: E9C11BEE6A306EB9109C47CFBD8D3DA5
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 61E0A86422E63C60AF34707663B1D179
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstliCe0VQ3A36S6p4NcGbjP548kktS7ZH_Lp3AeMN_6QW_6ovKQsNZlqhXnZ0iepO0PKGBTDh6jHSFgZ_L44ihiBVtwbbwoB9MZ1q6fOwVFcgzuOU4ErWjuMx7IqdtdjbQigsIciJArn24qyXu6KWbdXRf5EVmFGCLC4KivCDivTYL-or4FTWlFSK26XlgfUN_BgtMtQQwykFg1QvxkwawX8VrA1KJRYrBUvpAgZ5by05C22G3XKdo28s7CEylIBDHomHNasFtjGnUQADWDSk88aXjgBgcJ0UhYeWY9CPpZAtE2cacqYpSu-TZg02Bka76WwPtakwppygLbWsJL_0b1OilhKdGQ-o74VeJtPPOZ3Q&sai=AMfl-YRS99wbxV0syntDM7AzsUtocFjt5ohLznRYHw2tXX5XAmqJchRS5UNHHYygJWZdNDLYdSzR3lc6JDyUxdijrvm58CiO2ESseO0na9ACkq1Zcvgg0WH53kJwde2Zr_o&sig=Cg0ArKJSzL4IvQGq7VKXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3F1CBB8911F9028A8B03456B3F7512B1
Requests: 11 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: A68E9FF906264B6CA7C57BE7BDE77569
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 1DBC8671D016E11FB5CE272529D78992
Requests: 16 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 70262A265D22396A9B252C134EA320A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGP3EuPkBMAE&v=APEucNXnV3v_uUcF-QanxUNJOhh-KPb5EEamvzhdVb1uC_2N1mAG6FRX8xM0lYW8vdkh3RZimyESi3PoDWc5vLLBrSH0TjUN961VJbVVtXaxjR3jX_SPAQ4
Frame ID: 82CE2EC4784119D2E0A5B57904DA5E47
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 90241AACD3DE97A52D5CCDCC92666721
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 173FD9146111F047EE72E309236E5460
Requests: 15 HTTP requests in this frame

Frame: https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&us_ps=
Frame ID: AC0E9BDD4A31382E27DE297C6BC8A23D
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-18b3309c-1213-4463-ae3b-59c8e198f501-003
Frame ID: 8199ABD6DE46207E8501CD40A4638701
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/6ba0b4a4-fbcf-5432-8913-f696ec5135ee
Frame ID: 5D7CC17DA7C381FB42219F8983997A1C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/98b55351aa3a0461d6e279612aaee3346077920089d56b56a94757fdd4482976
Frame ID: 03B1FC16D44FA366305FE218DA3E75BA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6652614731716365000
Frame ID: 796008785633271DE105D914C6D7D64C
Requests: 1 HTTP requests in this frame

Frame: https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
Frame ID: 7B3F1BB80652B12ECF5F4955184ACC21
Requests: 1 HTTP requests in this frame

Frame: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Frame ID: 266BEFAE9D59EC23AEAE1C27ECF95781
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/47de23d1df628a2c2fd3b055dda898ca?gdpr_consent=&gdpr=0
Frame ID: DA8EECC37BB9F97274FDD05CB458F546
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: A480F3BC14549AED2C0A23398771B412
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZrX5NPT6Hk2hC2KjThY2Q37lxXQlY5yzDKtHPCfi2uU6dDc-CSUGE56_LvqirYt9PLCgqTTKG3nGARm6DNT8o2CODGDVaC8CrfQW_-Tr9lk0ZP_aQf0Jk2BcKyqPc19QNMCfSD14bXtHRduPiRhU7tx6Uy_1ts327rjW2EbB-zhnh76MIt1ETHygeYd8xTFKAmitjmAvU_eJ1bJYo4JalhHeB1RvpguH55q15FywlH00mb5aOjDYINc0sEz7iCYn_m3hWR9r-zqmIt-pS2JeGJSrA0PZbqtqy7wahbmegBtZJpDWxrNWctS5jXzjuuK7y7BYScX2_R5vHERcRJj77D-rWI9hNqCPuEBhiMq9ESaOv9dXMb85jQg&sai=AMfl-YQ-IDC5aKRbbo4vFQkeo9PHzSmha_XTWcG438brTphCjmmVDCec3Gf9dsITvmg6dc0McvETD-A6YN0r3o4IGjqJlEZTb7iQ0AcUOgYYw6ahjBY4Wo2qC0i5o_B_hBo&sig=Cg0ArKJSzC2eq6NHLc63EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 4BBDE367BB38726F65040A6130C1B1A5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGP3EuPkBMAE&v=APEucNV-XbxuoFEdJxCpVCLZCW8JuBAjk4wDWnW5BfUPolBD8qS7rWqLZa5Awp_sKb8cYR6CZ6Uv-yQmPdw230W-207b34DBYVDrmFa1203niC70jD8DaGw
Frame ID: 0890A974153F9E76FC1E6512CF40BC2A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CCE8788478C0D18E01D7328FB4CA6FF6
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 4AEE5F53909B53C46F657F41FCCD9CC3
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFBuZi4bvrCLoNTPbj8VhBp_vuuLm2g5bej5ldXR2t8rDvcP4bbolVlVY2JMEZOtPkIL_KigkNqjJE7C1xCv3FEDycRwqHBFUFZiq7bnb8bg0C0W9J8IOysO7OXU6WQPX9nhRL9lR3dehSrgp37nj9Nkk5nVCwg8v5uR6Rj1PwNwZn6WwYOreOGtiswSZjbGsuLjQTC2sTlt4YAUaP9Eo_M9C0yFNci-dxxPupgW1O2jBGa7EUHBXq_F-EXM7AQduDwLM0W72N3YFEHW3hT9oTh9iZjHqShH6UlS6sJEzZ4ntmN7aINLOXkMgeK4KIIg3adc737iT5DgIiDwVInOgtZYEv4rtXaOvsJ8MszQ&sai=AMfl-YS64msK3m_6UwIDcP2nOpVtgNGEZbeV1HsjuA0wX2JTIjgS0lBtVhAm6KWF0m5DGDSSUm6Y4k8c56aiaR4CBdz6kw7WorxsM0n7VqIdjj84ePWYVd7DhONemc5shks&sig=Cg0ArKJSzLfTmUxx16bEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DBA56759DD66120E6CDEE2AE9F7A8605
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGPO6uPkBMAE&v=APEucNUq-RxtHj-BDV0lH1rzJTWXZeTkgFrKm96yQIUWyhvGZROUtZcOhIJqTpWJL6c4UyNp1L8QkO3LYQoiSU44-SY0JZLVcPnihePTRU2hPLOz5Gl_nEk
Frame ID: 6B6C931BD0589758258CCBA3E4A251EA
Requests: 5 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: EA250D10FA48E29EB04FD86BFC280A97
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

509
Requests

69 %
HTTPS

0 %
IPv6

108
Domains

167
Subdomains

93
IPs

13
Countries

3410 kB
Transfer

9574 kB
Size

140
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
  • https://cds.connatix.com/p/368057/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Request Chain 131
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&rid=esp&cc=1
Request Chain 150
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 155
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2393881630050333936
Request Chain 156
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=319e643acfc0d19b31ebccfe6c174&gdpr_consent=&gdpr=1
Request Chain 158
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLiOz0Azf5r7jgnQZra-c3_ZqlyuAXSQ
Request Chain 161
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
Request Chain 167
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LOG9UQC7-1Q-A58P
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEBfh1feXl-D_ce87VgqLDh4&google_cver=1
Request Chain 170
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=ujBaf8EMJnl3&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Request Chain 171
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1698874231284 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1225412530 HTTP 302
  • https://sync.1rx.io/usersync/turn/9119690413696387230?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-18b3309c-1213-4463-ae3b-59c8e198f501-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003
Request Chain 176
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=2393881630050333936&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 177
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=2393881630050333936&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 178
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=UqIsYjPXXLk7C02d2KjJ&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
Request Chain 179
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adyoulike&ssp_user_id=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-sBgcdfhE2pl.llV5fnzobKhOTnC5Q0KhghGQ0Q--~A&expires=5&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9a5353ba-e71e-4f61-9897-398e51822172&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 181
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1 HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAENY07KhYcAABg2xplsjQ&name=BEESWAX
Request Chain 182
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=18a17799546f92b1f52d3755048e88d2&gdpr=0&gdpr_consent=
Request Chain 185
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 186
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 187
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2393881630050333936
Request Chain 189
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-ed123e2f-fa20-58ba-40a8-5af76122dbc9$ip$85.218.70.160&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 191
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent=&crf=1&rts=634891658194671073 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=6ba0b4a4-fbcf-5432-8913-f696ec5135ee&name=BETWEENX&gdpr=0&gdpr_consent=
Request Chain 192
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=3b230d7754c34b8dab8f1c175ec68a62&gdpr=0&gdpr_consent=
Request Chain 196
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 197
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 199
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 203
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLiglhBCFbYIOHml4yVK-boqAQXTCf5w
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
Request Chain 207
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LOG9UQF5-U-I57A&gdpr=0
Request Chain 208
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
Request Chain 209
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=0
Request Chain 211
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
Request Chain 212
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ
Request Chain 213
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2393881630050333936
Request Chain 214
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
Request Chain 216
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-sBgcdfhE2pl.llV5fnzobKhOTnC5Q0KhghGQ0Q--~A&expires=5&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
Request Chain 223
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=smartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=7RI-L_ogWLpAqFr3YSLbyVXaRqA&user_group=1&ssp=smartadserver&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=
Request Chain 224
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDYyMDE1MDI3NDIwMjc5ODY0OA==&gdpr=0&gdpr_consent=
Request Chain 226
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDYyMDE1MDI3NDIwMjc5ODY0OA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKxoeb6cmVTBzI8qKATbNWs&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 229
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B3ABD658-6510-47A0-8543-FE669B89DF5B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B3ABD658-6510-47A0-8543-FE669B89DF5B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 230
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wyojXpYsIFTYKyAIzCw6XJd-IFnYeScPwi_wLMRb HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 231
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2393881630050333936&gdpr=0&gdpr_consent=
Request Chain 232
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296609266459408536&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 233
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_ad34fc1b-3f75-4745-8107-dec66bbd9587&bsw_param=9a5353ba-e71e-4f61-9897-398e51822172&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 234
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7RI-L_ogWLpAqFr3YSLbyVXaRqA&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 236
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZULDeAAAArVjVAAU
Request Chain 237
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNGhFN0toWWNBQUJqN2h0UU91QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAE4hE7KhYcAABj7htQOuA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4620150274202798648&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAE4hE7KhYcAABj7htQOuA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4620150274202798648%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4620150274202798648&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAE4hE7KhYcAABj7htQOuA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE4hE7KhYcAABj7htQOuA&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
Request Chain 238
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUadfb157e88884077b43e7bb06bc044f5 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 239
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 242
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8317966665527016768 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 243
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329301776830 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 246
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s6vWWGUQR6CFQ_5mm4nfWw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 249
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=382873761
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjNBQkQ2NTgtNjUxMC00N0EwLTg1NDMtRkU2NjlCODlERjVC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI30_bqJ34ZRup-FmkQa_Bg&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 254
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=770273705208909224 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 257
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-87Nwz51E2uXImq2foVdP44m_dWAOsSQ-~A&gdpr=0
Request Chain 258
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=24381f8a-062e-473d-bf9e-cc834db2ecca-6542c378-4348&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 259
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9191748007734315166&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 260
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=16ef43cb3931931&is_secure=true&networkId=17100&version=1&nuid=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIDD6btsPpUgMCuWDgAAAAAAA&expiration=1698960632&nuid=B3ABD658-6510-47A0-8543-FE669B89DF5B&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 261
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:52e6de76-f6f2-4f38-927e-3e58c737e32f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Request Chain 285
  • https://ghent-aws-fr.bidswitch.net/imp/0.112908/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RCo79VcsNCZbbaBda5nsEPh-OA0AO7x529c5yq-IH2EZEvEAEgg__3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9D-Ad-VahThHmjiA__0iKrfOPAJ879vn3Nw49MKvPkyQ3bq8MKQmeiaYb6PwyfW4Y6jMlR4oFasjaJcoPPFA0z-6J2YHaPYyOYLHIM4VAiF0xcjHRehwvAXKjB5jCKt8B2wdIUMeo65__9mlCgkQjzc1QrlDpllKO7kgyh93SzNDohUevKGD0IUKDTe-LuHloPaxvJ5qE48BAQk1XLfe9BjKssKXyT1gRw-NZ8ouvJsc9LF8jFoDqPcHcwvRqyklcMeMfcfBrIXfnqQ2R4zPCxfBpnq09X__F91bdDysIImO5rRi42chRDtLnVqins-uDxRUj-6lxmepBWVElEaZhXjrJMozh1lvQnl6-ZZyv1mfrP2cAEz8K10MAE4AQDiAWxtu7yTJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH5tbOdqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB__6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELmNBxj9xLj5AdIIFAiAYRABGF8yAooCOgKAQEi9__cE68ggUYmlkZGVyLW9uZXRhZ18xODQ3MjGACgTICwGiDAwqCgoI5LSxAu61sQLaDBEKCxCglvbP__ryXtLUBEgIBA7ATyMSsFcgTlJvu4wPYEwqIFAXYFAHQFQGAFwGyFwgKBggAEgAYAOgXAQ_Jsigh_RCJ3Jmb7YXkE_Juach__m_R_EUACH_F_Jase_R2_Jnis_R4_Jpr_R38_A_I_WAUCTION__PRICE_X_Jcid_RCAQSMgDICaaNV7xRmxTd6Lfzh9qLfk__fjTwQ3flJg7dSlUM7crEeCEjh2fl-rMlA3VgOHvHsGAE/fOnwf3Cvs1G7bZ2eIo8l3tPjyX0yqg4LrpvUHI0jyhX2P6VSfbAknNe2v5eQmBI-vuh-ih0-B2FTfL2C5lK3uXEYoofF_XWjSBvI0uFlfTQuFA1WJBuCSCUoKSNLwEhjd3X8tbJKP_Zs-drDC2VlR1G3Dj4ImvSYlUK31aNNMKH_bwKWf1fVD6VeQZnqlOUhdWG8LGZtvIaL_2zKPaFPd5Z1tQ4LliE2PlfhanzCkH8vjCylGoxoHKFpc37HthnMLx7FuNYeyBS8JXaQmokZY7gz0jytlOBk9-LDV0vaRZDfaJ3KYzFyyPLsTAYccvgFzZ7I382aNtEVPe4nIRzlnPpvqwH17OJzaK-oLyWzURtSh2bn2oYSrGT_jtqQ1Un73iP09vGWNMTemKHdal7k-LpUE-KM8zwvTmM2ifYftqeT3fKRVrWecjlSpISYHtL9O4QCi9eXLsa6wtIdAUpAS6pBeTV98y-FDMsK5VMIHiDxC71qGROUxWrvr0Cpk3-TtsOf-WJTCi3JXQuYyLvQQoJ8Z6XFtceheuToiEFLFQHmpxKK54dWK6EvKnB0QmtrHY-RhGtKAoaGyhPYsQhIA_EB-_AyjaodS7TTjm6rPsLifvnhWNfqPLPP_khyoZLvsi9ehoV1XV1cu9GdPA6LImat1TCucpxkBw7C7ODLJm23j-1UkN3vJ0TZmSOEne5Zfkoy_2zfRAwL-_7-4BGR0WTqu9dKkk33RsMcBBWMqFP5Grxl3BN2MpsmbUMn1h-OEgjmEuztU3BMMSG1Nup7TRXxeNglzIvT4GZfsjD8Ve_VgdWACQHqTAmFykcZBWw3cnV-y3qecK1gLOCRKrvaixjZtRrVlxP9lkh_PWSRGhk-vnW-teqRgXbTz_lBDDLI06xHFKA0QBtmcusp44_K4TCK5Xp95U9b4DAm3KbvOVI6pcpmAEvPYi6nmLexz-U9cPnb0T2T7r_QTrp28aIpwsmI6kk4Lh0wux6CKc-42CpqwbWouhCN5eLEX6qTcgYjrwF8Gn4sxKW1WvetlV6wgw9DmIdzunlPOIxHXHGKQWAe8ukWUuNgFG5q1PI-ysUo3Oet0UR5IxELuG6IAxQbNDrFfp4-qFiDcwfcVc59djonmevYZOpGhvOlkj44YsrS4OI0glpugJMS3_VOdHHedxAUG-pL-Losqb_6RjG949ipXT8XNE4HVFTugk5YMuMPf9c-S1b9ZGYlHAuocMqT_FZc4JabIXhl3kwS00t4xmvw-ghwgSSXPy2iSOlvbLXBOsoL65JCwZpfzBRVThI9k0c48DGZ2ZsgNHHM_TC8uVVPcBCRhBdx8L8HCz10ZqIftoY49dK7eNRkFsWL3EUuzhLXO13_tBy6ajI5oPDkUcV1W5qsgvtvaDc0j-g7nST0xIOYsGKO1o8PmRRCyEaUESIdx4Msm9z2iHI74ngA7md-xZcIypWATXcg593FNzKaqWLVA_CJ_LsKkTNB_5BX0NEifphbdRw7TmzzHAh3CzZ7wvRStJ1qOobVxa5VQ5yNkyb43dw0jKfcn8dFqqDEIHZSqzEt8oIJ3Re-4LdlplNn/ HTTP 302
  • https://adx.g.doubleclick.net/pagead/adview?ai=Co79VcsNCZbbaBda5nsEPh-OA0AO7x529c5yq-IH2EZEvEAEgg_3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9D-Ad-VahThHmjiA_0iKrfOPAJ879vn3Nw49MKvPkyQ3bq8MKQmeiaYb6PwyfW4Y6jMlR4oFasjaJcoPPFA0z-6J2YHaPYyOYLHIM4VAiF0xcjHRehwvAXKjB5jCKt8B2wdIUMeo65_9mlCgkQjzc1QrlDpllKO7kgyh93SzNDohUevKGD0IUKDTe-LuHloPaxvJ5qE48BAQk1XLfe9BjKssKXyT1gRw-NZ8ouvJsc9LF8jFoDqPcHcwvRqyklcMeMfcfBrIXfnqQ2R4zPCxfBpnq09X_F91bdDysIImO5rRi42chRDtLnVqins-uDxRUj-6lxmepBWVElEaZhXjrJMozh1lvQnl6-ZZyv1mfrP2cAEz8K10MAE4AQDiAWxtu7yTJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH5tbOdqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELmNBxj9xLj5AdIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggUYmlkZGVyLW9uZXRhZ18xODQ3MjGACgTICwGiDAwqCgoI5LSxAu61sQLaDBEKCxCglvbP_ryXtLUBEgIBA7ATyMSsFcgTlJvu4wPYEwqIFAXYFAHQFQGAFwGyFwgKBggAEgAYAOgXAQ&sigh=CJ3Jmb7YXkE&uach_m=[UACH]&ase=2&nis=4&pr=38:0.1129&cid=CAQSMgDICaaNV7xRmxTd6Lfzh9qLfk_fjTwQ3flJg7dSlUM7crEeCEjh2fl-rMlA3VgOHvHsGAE
Request Chain 286
  • https://aws-fr-sync.bidswitch.net/sync?ssp=onetag&dsp_id=16&imp=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=9a5353ba-e71e-4f61-9897-398e51822172&google_hm=OWE1MzUzYmEtZTcxZS00ZjYxLTk4OTctMzk4ZTUxODIyMTcy HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAiOi5kFrbi1eFbIyJLOLEY&google_cver=1&ssp=onetag&bsw_param=9a5353ba-e71e-4f61-9897-398e51822172 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
Request Chain 293
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=65a64357-3c42-402f-b9e1-1zz1698874221 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=6ba0b4a4-fbcf-5432-8913-f696ec5135ee&ssp=richaudience&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&us_ps=
Request Chain 296
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5568543680 HTTP 302
  • https://sync.1rx.io/usersync/turn/8975575225620531358?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-18b3309c-1213-4463-ae3b-59c8e198f501-003
Request Chain 297
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6652614731716365000
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELxZ2ilGoM17QNAiuiL7PDo&google_cver=1
Request Chain 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=7719749994456075456 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/6ba0b4a4-fbcf-5432-8913-f696ec5135ee
Request Chain 307
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLjnFDG3v46ergPCXF70sONJMsuW9grg
Request Chain 308
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
Request Chain 312
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2393881630050333936
Request Chain 313
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=1
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
Request Chain 321
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/98b55351aa3a0461d6e279612aaee3346077920089d56b56a94757fdd4482976
Request Chain 324
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6652614731716365000
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEIeEeGsOqWH5bm_u2vwASkU&google_cver=1
Request Chain 330
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/47de23d1df628a2c2fd3b055dda898ca?gdpr_consent=&gdpr=0
Request Chain 336
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLkO9NQVWUTrwyrrIOz1-bKl00huQI-g
Request Chain 337
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
Request Chain 338
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
Request Chain 340
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 341
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
Request Chain 342
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=0
Request Chain 344
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
Request Chain 347
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
Request Chain 348
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=E2ImqUZkJaMIYyX_HGQ_q0c2Ja4IMSL4EmeQexhC HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 354
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LOG9UQG6-5-KAQ8 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOG9UQG6-5-KAQ8&name=RUBICON&gdpr=0
Request Chain 372
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LmeGniOz2LvtmPbrJAKJ2g?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oOiLix9E2oJgXlr9aVc9kWh5k7GexKMLPqUugQ--~A
Request Chain 373
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHizmZIKnaudfN3ck_4NMf4&google_cver=1
Request Chain 376
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FwojFcBoTMaeFa1ufyiGJw&rk=usync-na&gdpr=0
Request Chain 378
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_lwhYpr-QQ6hqen1ilU_8g&rk=usync-other&gdpr=0
Request Chain 380
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAE4hE7KhYcAABj7htQOuA&expires=30&gdpr=0
Request Chain 381
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 382
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOG9UQG6-5-KAQ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOG9UQG6-5-KAQ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Request Chain 384
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 386
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 391
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOG9UQG6-5-KAQ8&redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOG9UQG6-5-KAQ8&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rVG0ua01aRTJ1R0tMcVV1a2txTlJianJfRUdoWUI3ZH5B&gdpr=0&ovsid=LOG9UQG6-5-KAQ8&dpid=58160
Request Chain 392
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 393
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6652614731716365000
Request Chain 394
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=0188f3d2-0376-4262-8ec0-e78ae159e102&gdpr=0
Request Chain 397
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=7RI-L_ogWLpAqFr3YSLbyVXaRqA
Request Chain 398
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=2393881630050333936&expires=30&gdpr=0
Request Chain 399
  • https://ad.turn.com/r/cs?pid=6&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9191748007734315166&expires=60&gdpr=0&gdpr_consent=
Request Chain 400
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4784626975
Request Chain 404
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=24381f8a-062e-473d-bf9e-cc834db2ecca-6542c378-4348&expires=360&gdpr=0&gdpr_consent=
Request Chain 408
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 409
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LOG9UQG6-5-KAQ8&obUid=&initiator=&gdpr=0
Request Chain 413
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZULDeAAAArVjVAAU&gdpr=0
Request Chain 415
  • https://um.simpli.fi/rb_match?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4045D098764F458682B994D33705A4DB&expires=365
Request Chain 417
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=l5PbjTjA1w_E4vBUw6Qgzg&gdpr=0 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=5c54c90b5e541931&is_secure=true&networkId=12783&version=1&nuid=l5PbjTjA1w_E4vBUw6Qgzg&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIdy5mFlOEDQN55PecAAAAAAA&expiration=1698960633&nuid=l5PbjTjA1w_E4vBUw6Qgzg&is_secure=true&gdpr=0
Request Chain 418
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7296609266459408536&expires=730&gdpr=0
Request Chain 420
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&gdpr=0 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 421
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=ujBaf8EMJnl3&ev=1&pid=560687&gdpr=0
Request Chain 430
  • https://ghent-aws-fr.bidswitch.net/imp/0.141232/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RCW4WPcsNCZe3ABaad2fcPwd62sAS7x529c5yq-IH2EZEvEAEgg__3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9A0nfjsiTNqclbpP3T__g64ujsXj6BS3X4XlzzTAR2dNY5TQHSmGZ2gfVU11F1nh2yxDe1Gzs93OUcfF0SJ6h8i__Z08Pr4dfyXs7-V35v__VL5JGwAZRv3LIL8Sv2xqGhFDvLflBIe5BVMJBPKhnrq__ot961NGsHxjOMx-E18Ounv6KunWsj3arVGrUvN3kHSYIfxj5p1kX2ZkuBKhttGMB2afCZXUlqh05iquIKQX5GzeDiOVJqYikJ9xmyJNXgf57gIxDUYbJud4aVTFomSltXb2l39cKfPcYBQxERSC2M8IW__Y__GIsDNLylSHn0uGJyq5Urujb9IcSINMinJQnzEaT-rixJUCLzgrgFYvaQV__TnsAEz8K10MAE4AQDiAWxtu7yTJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH5tbOdqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB__6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMvxCBj9xLj5AdIIFAiAYRABGF8yAooCOgKAQEi9__cE68ggUYmlkZGVyLW9uZXRhZ18xODQ3MjGACgTICwGiDAwqCgoI5LSxAu61sQLaDBEKCxDgkpqjkYCLnYEBEgIBA7ATyMSsFcgTlJvu4wPYEwqIFAXYFAHQFQGAFwGyFwgKBggAEgAYAOgXAQ_Jsigh_RcfDuqej0gRo_Juach__m_R_EUACH_F_Jase_R2_Jnis_R4_Jpr_R38_A_I_WAUCTION__PRICE_X_Jcid_RCAQSMgDICaaNCDMKidC2Aj-fZtjbkZtZfF__9rFPwR905OBaONsrqAl0R3EZmqWA1unV3RrVmGAE/Qa9bVlxmI6JXXE3lOclbkt0bsHDExGu-qPRWmSNxrecKzGYnPPUbOQlInptJcUxBzfGjJ6tt7o4MkiaWxJ-xqlKCmoPtqRddtM-dflRfx4mB9ZdRHK9SJLpJ-1uVWnPwJxNXW1SlfwFGWIiAtWvv1_4hwK6AJpUEy0M_AldOO7GkaZTSBtho4QxtzSCI8UcbsX7IAhwanNjZsqX7qvPnqrQNSeQbNqBoSVMZZ3dDa46F6paiMfCmU2BViPzgKYAJ0qkJfZf7oJ62TxZIwqU-_9TOeN5YjFIoFGb6J6uGi7SZGUdd8rjCPgPuhLpoNjGgiUMu_YCkYtSFj12drtiOfsV_jrG9n3xvlLs3eSA5hQcVfMaNyVj7yjm2-rNxm2rLUfbczrX2hEpzQ2M67msr7p5uipkTfBeHS4PP4OTJoEyyBdBaSCd59Pao6KM-uMTUO1NAbxhkuThXqPLBdOTxZAyrSc-HbJrpRplDTVjIgrpQJZ42OEXEh7SKLdwdhnOF7RVP8FfaisNcR9O1FAtBZMtgkHoQGe7PbaBqN7jhB1FwSnddb0giEJKvznRRe2VfHWXVXD4sKmojv3fxXjxbNE1Z2iFZ7rTEPTqJohadOEWE2MLchoSnek2Z8exyMEkrt01BpdXL1sux6RGoFwPfBplrBoYdRbaY-F8A_PypSoFDEzrkkx8OyEEXok9cfLqE_G1LXdEcLgflBeorgnbUrtkEfu3P9ekNuww8APitQBv5YxLyFab8bfXHLj1WLvQTEe8SK9LzXVMUzkPqCQhdpZqy8CwbQwu1zzw_8iZP1O5vy6zhizLuu05HvobsX77SGwb5ts6YewqM0oJGHtY_TGwwqwjfW3dnNHVoaSwYRBT-liL9BE_XunPiUt-ONiMFzaZ0P6fkg6wPyFk78hSbA8IaLsI6uVZ6twPpSGIyryutRcQ9g7gA2n6lSYhYDCWPFz4-KrohoL_k7T5CLrnFY0WdR_PAidRfgdu3FIRsQUbJrPHnNCMSAl6ccVZMvpRhuodQYNkRGdmMH6peGLh-3PxulXizUfdAkvUPsjUyANHWqROeCJ99kktLjQ9Ge1bdwErYNZ89BBIQtOnn_uiXd28aXH8UZuUxKOFZd0zRBembJANdfn1JyckX7VT211BRzKC0pq0aYlIa7k1PpOX6CQuAT04t4UycK7_6A94Y1b3gUF0Of3YYEQyyKZUNPiZHGszagWaEPAqslQuXKDNywdse0asGyD-aV2my4LvjxgnzgASWu83_bUwhSatEqUJs-AqG-uMZ3dflY_fHPZb7NE8XOIKxUh9puv3UkUHacCIa3uusyhRmQNZVVDhCjqMRUb-56gpf16cjhIvcEjlSaQdWWpPdAXH6WctvwLR0bmg36BEo90EvmEkXkn7GwUYnvrbvdkES-4dQts6qrsu9tx4Vt_q8Pr_L1TualVDTg-CBclKuxlgzHL4xagFAsIPpDDjvKgq4PMPufMb--T8zvcldl7-K51SJdJ9bClNELvgX-KAVNv40b-laUrrQeNTKHm9pseZtx7GbFrv1-Z3H6V76xIVFMcy_3ezUCG4uxgvy/ HTTP 302
  • https://adx.g.doubleclick.net/pagead/adview?ai=CW4WPcsNCZe3ABaad2fcPwd62sAS7x529c5yq-IH2EZEvEAEgg_3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9A0nfjsiTNqclbpP3T_g64ujsXj6BS3X4XlzzTAR2dNY5TQHSmGZ2gfVU11F1nh2yxDe1Gzs93OUcfF0SJ6h8i_Z08Pr4dfyXs7-V35v_VL5JGwAZRv3LIL8Sv2xqGhFDvLflBIe5BVMJBPKhnrq_ot961NGsHxjOMx-E18Ounv6KunWsj3arVGrUvN3kHSYIfxj5p1kX2ZkuBKhttGMB2afCZXUlqh05iquIKQX5GzeDiOVJqYikJ9xmyJNXgf57gIxDUYbJud4aVTFomSltXb2l39cKfPcYBQxERSC2M8IW_Y_GIsDNLylSHn0uGJyq5Urujb9IcSINMinJQnzEaT-rixJUCLzgrgFYvaQV_TnsAEz8K10MAE4AQDiAWxtu7yTJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH5tbOdqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMvxCBj9xLj5AdIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggUYmlkZGVyLW9uZXRhZ18xODQ3MjGACgTICwGiDAwqCgoI5LSxAu61sQLaDBEKCxDgkpqjkYCLnYEBEgIBA7ATyMSsFcgTlJvu4wPYEwqIFAXYFAHQFQGAFwGyFwgKBggAEgAYAOgXAQ&sigh=cfDuqej0gRo&uach_m=[UACH]&ase=2&nis=4&pr=38:0.14123&cid=CAQSMgDICaaNCDMKidC2Aj-fZtjbkZtZfF_9rFPwR905OBaONsrqAl0R3EZmqWA1unV3RrVmGAE
Request Chain 431
  • https://aws-fr-sync.bidswitch.net/sync?ssp=onetag&dsp_id=16&imp=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=6ba0b4a4-fbcf-5432-8913-f696ec5135ee&ssp=gumgum2&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
Request Chain 452
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESED1gkw2BMo1WvNOZOPOYVb4&gdpr=0&google_cver=1
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJrwO9fIRn0q5q7Llp0g77w&google_cver=1&gdpr=0
Request Chain 457
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEMMAMYjq9q4ibk0mR2mkx4k&gdpr=0&google_cver=1
Request Chain 459
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJQkqjSEVORFNFKB_k43k9U&google_cver=1&gdpr=0
Request Chain 463
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LOG9UQG6-5-KAQ8&gdpr=0
Request Chain 464
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
Request Chain 466
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
Request Chain 468
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
Request Chain 469
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
Request Chain 470
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=

509 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 3t5ilv84
pastelink.net/ 		32 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
d947b805e04a78be4629fbf610ad54b7bdd217b422c9b566fbbef83b84d86d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 21:30:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Nov 2023 21:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 21:30:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Nov 2023 21:30:24 GMT
styles.css
pastelink.net/assets/css/ 		130 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/3t5ilv84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-2071e"
content-type
text/css
accept-ranges
bytes
content-length
132894
jquery-3.6.0.min.js
pastelink.net/assets/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/3t5ilv84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-15d9d"
content-type
application/javascript
accept-ranges
bytes
content-length
89501
script.min.js
pastelink.net/assets/js/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/3t5ilv84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-b8f8"
content-type
application/javascript
accept-ranges
bytes
content-length
47352
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10107023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAO2libdth3cKvO9KFGPfU6fBMc08J4WW9%2Fl8HF18dPdi9DeAOqi%2BCCexAglBUyO7usaJtwti4IXat1jAjfkJOUEKbNNZFbBKtPFqUdg%2BQ%2FFQ6KLd0QYSsabIv6xY9%2BW8POUMgeK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81f73d1d7fb0f0e3-CDG
expires
Mon, 21 Oct 2024 21:30:24 GMT
sa.min.js
www.ezojs.com/ezoic/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/ezoic/sa.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.63.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b062c4377a8ebbe4b1f326b8d4591e1f6de41d1359f48a59961bbbb8a7961ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 00:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
75558
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JX9Y9HLptMefaGuDF7MaMeIjjAxNQRJNv5d%2BoUiWUq%2BRYWBIO3ehAgYymjHanBL5GI9IIT295mwEe2C%2BdvHQSfsCEPrQyQFdPlCMbNLq1yXcewnhhCMBc1CjmwmK2Lk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=86400
x-robots-tag
noindex
cf-ray
81f73d1dbc7a6679-AMS
alt-svc
h3=":443"; ma=86400
cmp.min.js
the.gatekeeperconsent.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/cmp.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.28.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c13a6e27988f84e3525e60ea308b444b49587fd3ecf07037d8fbd424c263476

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 21:19:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
138
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MvzL0KxrqQsr4X31GoK%2BTH75Q3bWSiew0TQ1bnlXk0CkHumQ1QAZaiGXBMYhuBDaqaBmByomckFneuFWjK5jEGyc669EAsKLK9%2BrfATa6mkcVBgp4EVy2NZ9TBnlZY49iTS9Vxd0QP0CiSd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=14400
x-robots-tag
noindex
cf-ray
81f73d1dbd341c96-AMS
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		1 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Waterfall:wght@400&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
3cd373edcb087cffed39501ed5c514c75b35742ae40ab902e66a2fa3329f7d7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Nov 2023 21:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 21:30:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Nov 2023 21:30:24 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
a7cc1c0a78c74129a8c173cf11de37ec09eb2d51bc63a5ca452fa966d7c211f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 01 Nov 2023 21:30:24 GMT
gtm.js
www.googletagmanager.com/ 		260 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
862d72189e79222ecf63eeb540b5c968ab7fb26f467ab436ea9999990b0ed0ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91358
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Nov 2023 21:30:24 GMT
consent_modules.json
privacy.gatekeeperconsent.com/ 		34 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.gatekeeperconsent.com/consent_modules.json
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/cmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23d808aef91f5fc3308dd8c97bde0383aef646942ae9b5d76c441da284469294

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyGo3vKDpqpCdnfrN0W1UMSY6hYeNf3Mj6s7kKolCfVEgmWLuQ46hyci2evmJMKo4kicqw3Mk%2BBSjt7YnTxf0xqRIsoyGD7%2BqFI0um%2FI69DnJG9WPQBQyF0A6PlIhdPhlLkq0gE4D59G2CS2wPBTuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=15780000, public
cf-ray
81f73d216adf0a79-AMS
alt-svc
h3=":443"; ma=86400
content-length
34
sa.go
g.ezoic.net/ 		115 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/sa.go
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/ezoic/sa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
556cbf0e32ca74b6dd14e43cc605991cbe1540ed23137b899478956b1d0339e4

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://pastelink.net
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-robots-tag
noindex
access-control-allow-headers
Content-Type
expires
Tue, 31 Oct 2023 21:30:24 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 		464 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
1f8a69b2a2b34f9ad653d8d8627fb36573303a4442a5aff2699707a5ccebf033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190291
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 19:05:51 GMT
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo-german.svg
pastelink.net/assets/images/logo/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-38e0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
14560
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 19:33:17 GMT
x-content-type-options
nosniff
age
439027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 19:33:17 GMT
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-german-contrast.svg
pastelink.net/assets/images/logo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-3d2f"
content-type
image/svg+xml
accept-ranges
bytes
content-length
15663
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 17:18:52 GMT
x-content-type-options
nosniff
age
447092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 17:18:52 GMT
MCoRzAfo293fACdFKcwo3bv9.woff2
fonts.gstatic.com/s/waterfall/v6/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/waterfall/v6/MCoRzAfo293fACdFKcwo3bv9.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Waterfall:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
eccd38680a730362f3e1c7bf8a8215808a4d79a1189ef9732b10bcf89150de7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 21:03:11 GMT
x-content-type-options
nosniff
age
433633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36624
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:39:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 21:03:11 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 05:30:43 GMT
x-content-type-options
nosniff
age
403181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 05:30:43 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1d4550d1876b9231dc478884c6ab6debda970b1f7039dc61574b59e87e120f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86539
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 Nov 2023 21:30:24 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Nov 2023 19:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6043
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 01 Nov 2023 21:49:42 GMT
v.js
g.ezodn.com/cmp/v2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Sep 2023 17:04:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
58878
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKGY589u5gAhVexy%2Bfq1L%2FYXKMtkt0z9vH3IwfskMOh4YJZWSDIHg8RvQY2Gpo9TKD1%2B58Jl6o%2BW5G4HZBynDQ6z1jpQJGR6QuBp23%2FRVHtR9Ba1wzEbVrU%2By8ZZRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
81f73d24fe765c3d-AMS
alt-svc
h3=":443"; ma=86400
boise.js
go.ezodn.com/detroitchicago/ 		673 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/boise.js?gcb=195-0&cb=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa04d8b4b07ebd5ebb250e33b532615e80dd02d46afb5cc0654c3c128b1c427

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 18:07:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
62206
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PnAobkxM4TpKQW1BG5dulFNxTm5viS9W4y9ZLs28iuJuFPayKiEmOpt0iS9XH3qw2DMh2ficKng9Q6iptk0yqigYUlX%2Fj7Gsutir%2B5CJlmP3GdqJ5JG%2F%2Bu6Dg%2BzuFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d253c180a50-AMS
alt-svc
h3=":443"; ma=86400
abilene.js
go.ezodn.com/parsonsmaize/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01d53596221a10ad89cd142297dd43310bbe0531fe4694fd590fdbeebf5a18d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 21:36:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431635
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEWS%2Bx%2BX2TLHKKJ4kSQXVGiesLX4Hf2Xj2ik4S3hHbxiLF1DPpTWaVNRFRBelBKlJbCRzPBgyNwAe1JhLjizNaE8A2OZDSIhh%2FRtm3PFs3h0P1CmJT0FN5PSaLpXQSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=14400
x-robots-tag
noindex
cf-ray
81f73d253c1b0a50-AMS
alt-svc
h3=":443"; ma=86400
et.js
go.ezodn.com/porpoiseant/ 		1 KB
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/et.js?gcb=195-0&cb=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 18:02:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
50127
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QRDVjTm%2BJKiuvEiIRAw3UJGUzBD%2BL4Sv0IR09pnkimiTiU3RCmWHB97TUb0nHiQeFHLopJm4WcQ1g%2BA2sr3hHUVk7eTkSjyG0NDf%2Ff0dbSg6QR3f7TGNzqfVPmN%2FPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d253c200a50-AMS
alt-svc
h3=":443"; ma=86400
jellyfish.js
go.ezodn.com/porpoiseant/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300e2db7f019d940ffcb00bff1342eeeab8b4c44806e34b91f9e2c49432171aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 21:47:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
66159
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqQqaWJBCS1oN7kszvyaKuNbJ1taq1SVitUVzJZl8WHrkkMSN96sOFyZ0sX0F7kk%2FipOVwRzAVMSUUCWeFNmrbJPgRD7TQNRJB%2BEZxVcGBBdh1RIcAU9QVdx2ngk5MM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d253c1c0a50-AMS
alt-svc
h3=":443"; ma=86400
tortoise.js
go.ezodn.com/beardeddragon/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/beardeddragon/tortoise.js?gcb=0&cb=6
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea07afd59f660225e82c177586447bf9960c48e6b1beb9b810e27a0be16ed9a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73815
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
content-length
1378
last-modified
Tue, 17 Oct 2023 21:47:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJm3HgbvDeGHilD4ooA%2B7QS%2FOaZ7TA8aA1I2TFyhLJvYHFUYX0LoEkOTIQuAVJZYl7bCXqWS4iQagGuH4devAALF5VFSKd%2BW2uBn44faX3%2FnXuTtdKaiOTPKknwLaao%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
81f73d253c1d0a50-AMS
armadillo.js
go.ezodn.com/beardeddragon/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/beardeddragon/armadillo.js?gcb=0&cb=27
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270d68c001d05e764b3ccd047bedf93a8376bfd08b44124a67b9fa31e335cea8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1294929
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
content-length
1021
last-modified
Tue, 17 Oct 2023 21:48:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAIm%2BhAbv3X6byAKidk5OmwBN6ge0ABIbsIw5sYaocFN9ahrbHYRDSSfAiUE51D1z%2Bq230j46or8GWA%2B6TXPQwWnjtCX9zP1IXgIuWGdzfmT%2FJGKAAUlgXBc4hV84sc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
81f73d253c1e0a50-AMS
anchorfix.js
go.ezodn.com/detroitchicago/ 		658 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/anchorfix.js?cb=195-0
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de87bb69f975f75ecc1e95684d9f1bdaaae75bcbbb118b4b280a8c425be735c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 17:07:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449839
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxXxx9qWHnauOJNtR1QRi7Z3ct%2BK%2Ft7aR%2BXQVJR19y9FLcatML%2FxBOHDpdJy35F126eqP1j71oFbghoi%2B8t%2BOMmKZkl7Kn4O0DnBzH7qW9%2BD3XwF8xjqw%2BFDz64MUU4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d253c210a50-AMS
alt-svc
h3=":443"; ma=86400
stickyfix.js
go.ezodn.com/detroitchicago/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/stickyfix.js?cb=37&dcb=195-0
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a2baa1b5a0e87a7b49efbf01793684e0c5b719f13c73e6216143dc34e4ff60

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1291576
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
content-length
1296
last-modified
Tue, 17 Oct 2023 22:44:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stCTg%2FCT37XlXiz%2FK35mruEorQBAt8uUOr7tQSbQhFHSZjCbWK4bsqwh2yxwzYpFZ6EJBi4rRPFz1%2F3s0ieMV5uNZ31GRitkJojSbKFwkD9FxCfVk8GUcyOl%2FLVxZQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
81f73d25dcea0a50-AMS
sidebarwall.js
go.ezodn.com/detroitchicago/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/sidebarwall.js?gcb=0&cb=20
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c542e17b6f0b2503d96cc8d680e83cff629c472078334b0d6e9052311799e9a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 17:53:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
12991
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT5lfcT2kp5OwwGzQXMo%2BpiNjQs2o1aaS4jV409hCkLqqxPHDgNq2sQdqsGA4PZO8zEkzXM4%2FwIGqL%2BzCkRlCKYQ71%2Fs6QKDchl2PAtMufKnIly3XRO1sUYup5M8ep0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d25dced0a50-AMS
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d5e9c7abd3990ae5655dbd663c0af4e539eee368f1bf308d62d83866fb79774c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31143
x-xss-protection
0
server
cafe
etag
100 / 19662 / 31079371 / config-hash: 12744499585952903359
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:26 GMT
tuscon.js
go.ezodn.com/detroitchicago/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/tuscon.js?gcb=0&cb=13
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fbbe164918e6fb86e26b49d99c193d1c36ec6bbf9a51b9967ca74f2282ccde

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 03:17:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2484761
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9cK47aLSzbTWaq7icXSM4StDLVZWkIlfnYD3lYkglynEylPoAyJOiedITqOjBHAc7o19bCkzJq887G6Wb5wxuGEdocXnBECvqaMYMs1S6plmZOLwGS0GG1twWdlt4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d25dcee0a50-AMS
alt-svc
h3=":443"; ma=86400
kenai.js
go.ezodn.com/detroitchicago/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/kenai.js?gcb=0&cb=6
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 23:06:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
58878
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w67BC0%2BzpyiktiinwzXd6nI8at7y8pjdMr0xWJdJI%2FlREGU7LD7IvvG%2B6qcoRPX%2Bz%2BLMNyAkgwsoOv%2B6t70mgdVn4PmqDe8YgIL5XJcqyRa0vPRRzxGp6n1cJbViChc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d25dcef0a50-AMS
alt-svc
h3=":443"; ma=86400
portland.js
go.ezodn.com/detroitchicago/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/portland.js?gcb=0&cb=43
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
958e28bc668ef4f2e177884feeb001f2024f40838d21856dcc4f2951615dc5e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 20:28:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1645321
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAtu46kMlxB7C1mj1XfPheUcErlcAvfJUzf4C8A1GwoCtwxhdkn%2Fgt6EmQAEd%2BdiAeV0ODndGpaOThoM6yn8AaA4pYPMOrYLe5IjmH7e23uZXQsTAXcBlsFjcdWvhag%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d25dcf00a50-AMS
alt-svc
h3=":443"; ma=86400
dall.js
go.ezodn.com/hb/ 		748 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?cb=195-0-68
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ed6dfe36a2b2680ab6067032185f2c4cccc534b118a3d2067c6b643ef43678

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 17:01:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
534543
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sv9Wv3ivpfytIUJlPirhw5nvY6BADT2X5SaJO7CEcPpL8eyJiK%2Fs2EkfNBkFl6%2Ft0A3NFfaKSq%2FOgd5JVuhEsNhg%2BwMkOUOUsWaqfX7f%2BrXEp75fnSuypywusSPi%2FVI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81f73d25dcf10a50-AMS
alt-svc
h3=":443"; ma=86400
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162833/9311/ 		560 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d2975ad9fed76943cd29612c490a47ff3885a95e75457aeef4a6d1c8752f156e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 20:16:58 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=30471
accept-ranges
bytes
content-length
177523
expires
Thu, 02 Nov 2023 05:58:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
522df8cb457dc9f9c617f00dbe2e1ba22153c7280950c15c53bdc48cf53561a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51885
x-xss-protection
0
server
cafe
etag
9975912505566817176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:26 GMT
banger.js
go.ezodn.com/porpoiseant/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/banger.js?cb=195-0&bv=279&v=100&PageSpeed=off
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47136135f5a6927b97483def6b726635568e8bde0a6e0d529f2fc7b339df2fcd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 22:38:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
47531
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtXf7Y6AqKDVOPjkUT5lhj7q7AhWhk5%2FSj3cC2kL0jTG%2FswZ%2FTwJmeqTzBzM%2F4hdm8mzprjounUKnBw1TgPH%2BwNUmgn2gc8E17uW1IecnaDIthXXtIrCQ9x%2BY6mvz%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d265d520a50-AMS
alt-svc
h3=":443"; ma=86400
ezoic.png
go.ezodn.com/utilcave_com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezodn.com/utilcave_com/ezoic.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a54e49f65745ec3e0c0bfec9c0005b787370f8f65476b8da936e14d9ceaaa1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
cf-cache-status
HIT
x-sol
middleton
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
421969
x-middleton-display
staticcontent_sol
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 18:09:20 GMT
server
cloudflare
etag
W/"592-608b69664f91d-gzip-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXt93rJcOnK5QmqsqjHaKE3uzCE3qo9WVYUhYqT5GHf6U9%2FjLQWqydj%2FsVXZvQLhb957wNOK2jqCABNgAg45KWFNFL%2BP49MRetfQYQ7J47uvs%2FYZ600KAYICZPQNZos%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
cf-ray
81f73d26cdc60a50-AMS
expires
Sat, 04 Nov 2023 00:17:28 GMT
ezoicbwa.png
go.ezodn.com/utilcave_com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezodn.com/utilcave_com/ezoicbwa.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b848ce1bea5ca25251a1c22058f8df660f1c8161c21ebc13a9ba55ec479d10

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
cf-cache-status
HIT
x-sol
middleton
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
421985
x-middleton-display
staticcontent_sol
alt-svc
h3=":443"; ma=86400
content-length
1331
last-modified
Thu, 26 Oct 2023 16:57:35 GMT
server
cloudflare
etag
"533-608a177fb1590-gzip-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1vV58Iu3dXLVYRPRpW8oRu0Rjl2WPDyZhRAuhrrv06GJD8fvclsmrBFGn53SPH3tj%2FukFfCAhTNEB20KEYKgCoI5EM8tkWZzxHM6ZZw6rUf2hbDLYyuVz68MVXAExs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
81f73d265d550a50-AMS
expires
Sat, 04 Nov 2023 00:17:16 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3au1v873532799z8831407672&_p=681257193&gcd=11l1l1l1l1&cid=1833405134.1698874225&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698874225&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&dt=10%20Unexpected%20Private%20ADHD%20Diagnosis%20UK%20Tips%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ezadloadhb.js
go.ezodn.com/porpoiseant/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/ezadloadhb.js?gcb=195-0&cb=126
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e286031bab2a01f6284da514b3feb85b3a65a264d5d0172329ea44f698d46314

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 02:07:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
69787
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcSacVYVms9v5Ii47kSGc94dOlSHP%2FGlnZYKDyfy244uAXE8dwzj6NmQKpT6%2F%2BcNnY50ejRuJ2f37JkZf%2FC3u90tzb9gY9a0X283nwUGaazeyRlXhyetbP7tFALjw6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=14400
x-robots-tag
noindex
cf-ray
81f73d26fdec0a50-AMS
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/j/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=681257193&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ul=en-us&de=UTF-8&dt=10%20Unexpected%20Private%20ADHD%20Diagnosis%20UK%20Tips%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=544395001&gjid=1881489070&cid=1833405134.1698874225&tid=UA-55088947-2&_gid=159028612.1698874225&_r=1&_slc=1&gtm=45He3au1n8155WHPWQv831407672&gcd=11l1l1l1l1&z=582663286
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7cfe9382eafc9511e5e434580ff80104d0875a9700e34d8e5d0d68f2baf7e7e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83052
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 Nov 2023 21:30:25 GMT
mulvane.js
go.ezodn.com/parsonsmaize/ 		1002 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-0&cb=5
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 23:10:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4918780
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byO%2F4u4epZEK4wGbYSgyPxjqvtzWa7%2F0KJhQ3X894kJmSlAG8BMPM7PFMYNSTz6peuRCwz1%2BZp4ERL6ca08GlUK9A1Es72WF1vwkCjuQVAY5RSbCw4wmdcZreZJ8vLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d26fded0a50-AMS
alt-svc
h3=":443"; ma=86400
raleigh.js
go.ezodn.com/detroitchicago/ 		1 KB
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/raleigh.js?gcb=195-0&cb=6
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30887d75ca7268ceabc93067bca019f8ffe07189630a759407b236736e1f15af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 18:54:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
576020
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vd22d%2BI7cEwGtWbLrBBy6K8Yt3%2BjrQMR9KDJN7cJVZ52x8VOf8c8KFBgMjzPJGiulJPmOoAaeUOgBJ5b%2F9R%2BaNvC70W47VPQWIQJ2FZ1%2BJKrcgfFr%2B9hrZqRPNPj42s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d26fdee0a50-AMS
alt-svc
h3=":443"; ma=86400
vista.js
go.ezodn.com/detroitchicago/ 		821 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/vista.js?gcb=195-0&cb=5
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f511fa7924776077436e0e7c47d96a420282192ee4f9c5dc96def26cb856c709

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 18:02:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4482039
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66Pve9%2FbiCvczjGs%2B2Coq5esVqZX2jt3suARU8VMb2u1PnQJL4ZKQr%2FyvHp3CZMKb%2FhgJz5gGXDpTBG%2F%2B6X2GbjK2O%2FvBBCEZHLSVq6B8mP6aMp%2Ffnu8bxpdizOKMxg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d276e400a50-AMS
alt-svc
h3=":443"; ma=86400
tampa.js
go.ezodn.com/detroitchicago/ 		723 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/tampa.js?gcb=195-0&cb=5
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e611f58b19c2ff6aba81588e7b0a148e523d8acbadc40092f8de5f50dca2f93c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 00:50:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
55319
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9sv2UqtVQOLkK2EYN31VdBwYYwU20FLXf7Fo9LBndzWJi%2BuGrLdf2Cy%2BpNymt9CxcZ8LJl5nlv2ER9GB8vfhFvTB3b%2FoA3xu6jtEDNw3A58XOJRWkb%2BYhe6Bojubls%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d27ae650a50-AMS
alt-svc
h3=":443"; ma=86400
army.gif
g.ezoic.net/porpoiseant/ 		0
95 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzgwNjE4NDg3MzQ1NzE5IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMy0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiYWRfcG9zaXRpb24iOjExMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoic3RhdF9zb3VyY2VfaWQiLCJ2YWwiOiI0NCJ9XSwiaXNfb3JpZyI6MH1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:28 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:28 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzgwNjE4NDg3MzQ1NzE5IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMy0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiYWRfcG9zaXRpb24iOjExMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoiYWRzZW5zZXR5cGUiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjowfV0=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:26 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:26 GMT
nmash.js
go.ezodn.com/porpoiseant/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/nmash.js?bv=279
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-0&bv=279&v=100&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d35a435c34e52e98e05cdda07d86d384e983dc8400effc1af4c968375ba3ea4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 22:38:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
427906
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saL9Z1qGJtzOna3jgYRdlLwjo9MrpRU%2Bz6Bl9SIi87Q1hQEaLbdd9pAFWu63CqeL%2FE2lTwjIwmH%2BesmKCDhBCoJIHw6O40PkKtSfvNR97J8I8NrclnxcDQpxRqXthSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d27de980a50-AMS
alt-svc
h3=":443"; ma=86400
/
bshr.ezodn.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bshr.ezodn.com/?did=251786&bf=30000&dc=1254144
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-0&bv=279&v=100&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce113bbf0b3136cbb50dbdde8bb26c3e0d3032620c83b1cd6fd2b9d2beb0225

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-PINGBACK
pingpong
Content-Type
application/json

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
775101
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Sep 2023 17:42:49 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json; charset=utf8
access-control-allow-origin
https://pastelink.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7572ACME41b8mqnkhOe0Cbp4zvb2hgQgsIqemTgzzMTNA%2Fg3AaIlotWM%2BB5bKs5pzV1wSAlHSO%2FMVkoGEdpIqkrLRfaVtqB3vbmAp8UFMuNv%2B0P1TdYeT8mfYoO1UysLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1209600
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray
81f73d2acf546698-AMS
access-control-allow-headers
Content-Type
/
bshr.ezodn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bshr.ezodn.com/?did=251786&bf=30000&dc=1254144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-pingback
Access-Control-Request-Method
GET
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-pingback
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f73d2a0e146698-AMS
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 01 Nov 2023 21:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FmXdWIBYhAvrqvlHuxRriys6lDTen3%2BlihEevRgvwtJ3fFQJCmHZb1ReERV1y6s6nLyBCHH0fEFNW3YiHMW5O32rKa9kJelxd%2BJw%2B6quzQ1uQBEBM%2FG3e6YbOJf4VxUmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4KDXYD7HFC&gtm=45je3au1v9136110041&_p=681257193&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1833405134.1698874225&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&dt=10%20Unexpected%20Private%20ADHD%20Diagnosis%20UK%20Tips%20-%20Pastelink.net&sid=1698874225&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
olathe.js
go.ezodn.com/parsonsmaize/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/parsonsmaize/olathe.js?gcb=195-0&cb=23
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 21:36:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
66158
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdS2H2xrjDhajhOS3YybjsZqOE8ISi946IDpni%2FF8tDpYZQL8uUsLnkJ0M5WAcvEAJpWCauiiJVKUsrziI1roXV2a481c28za4uZhQiyjDpRu0VVrMS1z7viKEPm5YY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d281eef0a50-AMS
alt-svc
h3=":443"; ma=86400
chanute.js
go.ezodn.com/parsonsmaize/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-0&shcb=34
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb36489072c0eb085096a47bfcced826b7a973e5f294d5a2b54bf16df3449d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 15:24:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1749964
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIXlQebrmySgXVGpsLNMsN3aNqQYkFRLIzn3KNBok2Ik1Zcmr7Z0ZFXEeK0QHbMYHAuYN65cyWinS5VbvRACFEytlAJ0Bk7l8N4h3QQjo6zSG0rHkhY3WhfWA2OEBG0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d2d7bef0a50-AMS
alt-svc
h3=":443"; ma=86400
vitals.js
go.ezodn.com/tardisrocinante/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/tardisrocinante/vitals.js?gcb=195-0&cb=3
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Jan 2023 12:08:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
58943
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgF9vciMv%2Fw2c6SC5I8eQoKKDJn37Rm4pMomfPYt450VTBPvY%2FUaPeRdQ01lJbPqZJORrTwZzz380bvffMOhQ8C9ngNyCZxDL9LsX5FD%2Bj%2FzpSeXtEigUzLaHArNTNU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d2d7bf10a50-AMS
alt-svc
h3=":443"; ma=86400
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:27 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 23 Oct 2023 08:11:07 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
821893
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ae4KyJMQl8RWYlUs1R080vxf%2BXp9KZZjP3fTJJjHq3NG5Pg%2B5XMclUbt8f03FD091P%2BN4UE8w%2BrHyS6yuV4wZJZEeRV%2FsY3FsN%2FbTmvxTTCmxwSHD%2BYo3ugFHDyYPr7"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
81f73d30a91c66a0-AMS
translator
hbopenbid.pubmatic.com/ 		0
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Wed, 01 Nov 2023 21:30:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.16.0&cb=41523773296&lsavail=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Wed, 01 Nov 2023 21:30:26 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
c
prebid.a-mo.net/a/ 		0
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Wed, 01 Nov 2023 21:30:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
59
server
envoy
vary
origin, Accept-Encoding
prebid-request
onetag-sys.com/ 		59 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
5c03b405d14153c087a3dd2bfc3af6083b98a18211513e01bed4c0b021fe2204
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://pastelink.net
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
37855
/
prebid.smilewanted.com/ 		0
307 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81f73d293aa20a7b-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81f73d293aa70a7b-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81f73d293aa90a7b-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81f73d293aa60a7b-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81f73d293aaa0a7b-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81f73d293aab0a7b-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
ads.yieldmo.com/exchange/ 		16 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.16.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-box-1-0%22%2C%22callback_id%22%3A%2240595ab25e050b5%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.05%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-box-1-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-large-billboard-2-0%22%2C%22callback_id%22%3A%2241d6e99b424f206%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.05%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-large-billboard-2-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-box-2-0%22%2C%22callback_id%22%3A%224287d93410d4b5c%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.05%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-box-2-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-banner-2-0%22%2C%22callback_id%22%3A%2243e8481172f12d3%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.05%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-banner-2-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-edge-1-0%22%2C%22callback_id%22%3A%22441b9db8e81954f%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.05%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-edge-1-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-medrectangle-2-0%22%2C%22callback_id%22%3A%2245ea7e063357ac8%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.07%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-medrectangle-2-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-edge-2-0%22%2C%22callback_id%22%3A%2246820a3ee7d3f1e%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.05%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-edge-2-0%22%7D%5D&page_url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&bust=1698874225920&dnt=false&description=Pastelink.net%20-%20Anonymously%20publish%20text%20with%20hyperlinks%20enabled.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=10%20Unexpected%20Private%20ADHD%20Diagnosis%20UK%20Tips%20-%20Pastelink.net&w=1600&h=1200&pubcid=3d3056b2-3a12-424c-862a-8acd4d2bed7c&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%22d2ef912c0af14feeca45c4b843039186%22%2C%22domain%22%3A%22pastelink.net%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223d3056b2-3a12-424c-862a-8acd4d2bed7c%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.46.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-46-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cf8d2666fdbdec1c532294446cdfcb17760fae6c0d5f04f0e30e5ee64da6e788

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
vary
accept-encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
access-control-request-headers
Cache-Control, Pragma
v1
btlr.sharethrough.com/universal/ 		811 B
820 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.161.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-161-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
07667bd905fa3e586cbbad7cac0b37c350890414f61cb07b7163b54206a392ba

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
454
v1
btlr.sharethrough.com/universal/ 		725 B
760 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.161.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-161-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a75f39c5757b0cfb77c86b38e0ef416aeb38eacddc3c9158d16ad65869c1f4cf

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
394
v1
btlr.sharethrough.com/universal/ 		787 B
814 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.161.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-161-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
18d50616a5f5dfd0c239f5f9e46c1038e91c274c0541d7031b175bdccc0d9423

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
449
v1
btlr.sharethrough.com/universal/ 		673 B
773 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.161.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-161-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
097c42b49b95374a75a87be81c99fbc8cfe0717ae3e90d764eb33693a007bcfe

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
406
v1
btlr.sharethrough.com/universal/ 		677 B
743 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.161.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-161-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
64281196f4a88ed70ddd5e3007f2ff0346ff3872bbe7f18ab84d3fdb7c49b32f

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
377
v1
btlr.sharethrough.com/universal/ 		548 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.161.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-161-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f54e3223688b13aabdb70b64de73dd290ac5c5a6af29ced4a3677212c94b58ff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
291
v1
btlr.sharethrough.com/universal/ 		560 B
662 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.161.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-161-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2e5f70d2fdc346a476b18e9e53b68feb31e03c5ffad3a96e93d66a65202e12f5

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
296
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
853 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&PageUrl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&PageReferrer=https%3A%2F%2Fpastelink.net%2F3t5ilv84
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
efea659079a0c30c3a180f1ba8f9acf0b54a1a0033961490179f838dfc6ad247
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
via
kong/2.8.4
x-content-type-options
nosniff
content-encoding
gzip
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
527
pragma
no-cache
access-control-max-age
3600
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://pastelink.net
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		475 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
541f6cd48953a57e245ad797db319feebdf348d6e8d6679b87e26ebf472483fc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:26 GMT
an-x-request-uuid
e0982efb-8efd-4421-8105-75b93e8d2b51
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
475
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
f918083d056ed60d25f5f4a01660991185490f91c27b0ea14fe063e6291f205c

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:26 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1962
Expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231101
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a34e11ebf0ce5dc89f255eaba05379c048b35c2e259f719162caf48ba2fbdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19777
x-jsd-version
1.0.1861
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-mad22071-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-vDp1B9kyqfR0sTbk/GuzmQvMMt8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MQNh9QivdAwrYEzl43H1aHLvTBabw8LuLhLpD5SYCibTUMG9ji1nUFuenbhUt%2F%2FXGfxXunqLDv7GYs5lJydjT8mAyNDklUK0gaGt2X2h57qO%2FltaWCOc%2FBSJxAi4qPsVgo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81f73d2b5dec0485-CDG
imp.gif
g.ezoic.net/detroitchicago/ 		43 B
170 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/imp.gif
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
br
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://pastelink.net
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
access-control-allow-headers
Content-Type
content-length
47
expires
Tue, 31 Oct 2023 21:30:32 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 		425 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 10:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
39210
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136288
x-xss-protection
0
server
cafe
etag
17302374607849014435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 10:36:56 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2e7c613fa1ab0fccef77c4fa15a81e845cf9ca5cbb96206a846d01d16a8e4890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138037
x-xss-protection
0
server
cafe
etag
16551855925507591200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/ Frame 2B3E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
26248
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 14:12:58 GMT
etag
251720774729838433
expires
Wed, 15 Nov 2023 14:12:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-14.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 20:48:17 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
2532
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
1UIQs9ZLRPCyWRa_-Eqi8kFakzveuMeRMXo0cio3zkvTphFOjg9s-A==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-47-119.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Wed, 01 Nov 2023 05:28:00 GMT
Via
1.1 97d882fdcaf1da316742a0953a5a0564.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
LHR50-P2
Age
57751
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
-IqDTvK78BZc1z-92UOOAg61KCvcfLOSPRnEhlZmdK1upPuv-_-9mQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
C83DCSDHBMNSK089
age
2581
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81f73d46efea0be0-AMS
x-amz-id-2
nfvrvwhPHNgHDE4sQdrNzUYjIp9TF/8GSB/jrc4m80A5CK5xuO8aafAS2vLs2wg6Kxamvv5SmrQ=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:26:36 GMT
content-encoding
gzip
age
1760634
x-guploader-uploadid
ADPycduBEwOUe4u5SZB_edlycJ8hpfyz7wb0ln9J6f56K7CEuQweAuPCIHg8RO13d4GrsokyvnIZDGKYPuPEj8KlY89KjA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 11 Oct 2024 12:26:36 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
171065
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81f73d468a9e2355-ZRH
expires
Sat, 04 Nov 2023 21:30:30 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 21:30:31 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 05:49:30 GMT
content-encoding
gzip
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
56461
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ZFsCbgvGmIPdSQD18TExdaECFOaAHivk25pND2GeRuHqfGiTXg8dUg==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
2232605f941050eaa38d95f4e331ab21
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2564
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctGglouFeaOZzlEZa38Y0xFmPizw0yoTlpEkOfXpSWBBJmgObwD3eeeWlsEyYtfMZVtQMYZDl4RYhP2eMGqz1phKHqVNPCS8SCHSEQDOJm3FUNGWMM6xV%2FgNjXmuNTSX25k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81f73d509f59f8c9-CDG
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
967 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1456865523516185&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&didk=3466210713&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698874226986&lmt=1698874226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRih8q3muDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=ezoic%3D1%26d%3D251786%26avc%3D92%26br1%3D140%26iid1%3D4920978483350591%26reft%3Dn%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26tap%3Dpastelink_net-pixel1-4920978483350591%26ap%3D9999%26br2%3D90%26ga%3D2497208%26bvr%3D0%26bra%3Dmod182-c%26al%3D1006%26ic%3D1&adks=2114093675&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7f56c48a0f946027b414f31bd15e9ea8eb28790eceb091bc6a4d6726c5259b00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
576
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
49f5040f1a78f8f1412e6eb85e884369.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C4EF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://49f5040f1a78f8f1412e6eb85e884369.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 21:30:28 GMT
expires
Thu, 31 Oct 2024 21:30:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl_page_level_ads.js?cb=31079371
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f7b8af9b735073ec39e38018ae49ba7396286cd7e2cb2c4d457885ff41ad755f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 10:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
39127
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13740
x-xss-protection
0
server
cafe
etag
11733316767131186006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 10:38:24 GMT
cookie.js
partner.googleadservices.com/gampad/ 		393 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pastelink.net&callback=_gfp_s_&client=ca-pub-1750856239204414
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
6fd12dc3f341d3ecadcee02df70fd7ef4b398b89fd3431a5a000243e96fc2718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4561 		722 B
580 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=250&adk=1204883557&adf=2224284356&w=706&lmt=1698874227&rafmt=12&channel=4987320600&format=706x250&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698874226256&bpp=4&bdt=2482&idt=956&shv=r20231031&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&correlator=4533154427087&frm=20&pv=2&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532335%2C44798934%2C44805932%2C44807048%2C44807464%2C31078297&oid=2&pvsid=4190647440363764&tmod=2093918269&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=972
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
67e65380e1c5dd66af7f036236903078838c1132fdca4ab62cb4972d6c142649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
359
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 21:30:27 GMT
expires
Wed, 01 Nov 2023 21:30:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		131 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5f3ffbc113e9eaf870fc8aacceae9f84ba5fe2117184cb1432834b5d97ff6a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 20:12:21 GMT
server
cloudflare
age
0
etag
W/"987ef2512a856faf0ed8ceab05031b6d71d1d5b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
81f73d4fd9940638-CDG
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:28 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
46415
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 23 Oct 2023 08:11:06 GMT
Server
cloudflare
ETag
W/"42783f4dfb63346ef86cbdd3594314a1"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZEECrWOGwCjI386VYJXzh7B0DXn6tsGBdaVcgWM%2FwUccOK41jcVVyqg1ZjIl2M%2FPoqyIX0Rn6ynEh4V0B1P%2FTtJshkYRz%2F6D9JXUHIFNYkmg%2Bwh9%2F5AdRycRqegN%2FHj"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
81f73d39ac8366e4-AMS
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 21:30:31 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		627 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1831391554585360&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C160x600%7C300x250%7C300x600&fluid=height&ifi=3&didk=666188455&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698874227940&lmt=1698874227&adxs=1081&adys=987&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=336x280&msz=336x250&fws=516&ohw=1600&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRih8q3muDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&cbidsp=CvwCCAESGQoIcHVibWF0aWMQ7wMgAlIIcHVibWF0aWMSFQoGY3JpdGVvEJQEIAJSBmNyaXRlbxIPCgNhbXgQ9QIgAlIDYW14EjsKBm9uZXRhZxCBBBokCg83N2FhOTQ1OGM2ZjU5OTUQx-IEGgNVU0QoAToGCKwCENgEIAFSBm9uZXRhZxIfCgtzbWlsZXdhbnRlZBDQDyADUgtzbWlsZXdhbnRlZBIXCgd5aWVsZG1vENcDIAJSB3lpZWxkbW8SIQoMc2hhcmV0aHJvdWdoEP4CIAJSDHNoYXJldGhyb3VnaBIbCglhZHlvdWxpa2UQ5AYgAlIJYWR5b3VsaWtlEiMKCG9mdG1lZGlhEPkCIAJSCGFwcG5leHVzUghvZnRtZWRpYRIdCgpsdXBvbm1lZGlhEOECIAJSCmx1cG9ubWVkaWEYAiIkM2U5ZTM0OTItODcxZS00YTk1LTk1NDktMmJkNmJlZjBlNWQxKgQIAyAAMgd2OC4xNi4wQNAPSgA.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D3199110881343318%26eid%3D3199110881343318%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dpastelink_net-banner-2-3199110881343318%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%26hb_bidder%3Donetag%26hb_adid%3D79653d3a883453f%26hb_format%3Dbanner%26hb_ssid%3D11291%26hb_opt%3D0.06%26hb_rt%3Dclient&adks=2804293402&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
117e59670232ee197c33549c2f0e1320d6a9f37eaed15ecc585be87b82611c01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
275
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		623 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1831391554585360&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&didk=3113486611&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698874227950&lmt=1698874227&adxs=310&adys=140&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=728x90&msz=728x90&fws=516&ohw=1600&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRih8q3muDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&cbidsp=CtYCCAESGQoIcHVibWF0aWMQ7wMgAlIIcHVibWF0aWMSFQoGY3JpdGVvEJQEIAJSBmNyaXRlbxIPCgNhbXgQ9QIgAlIDYW14EhUKBm9uZXRhZxCDBCACUgZvbmV0YWcSHwoLc21pbGV3YW50ZWQQ0A8gA1ILc21pbGV3YW50ZWQSFwoHeWllbGRtbxDXAyACUgd5aWVsZG1vEiEKDHNoYXJldGhyb3VnaBD-AiACUgxzaGFyZXRocm91Z2gSGwoJYWR5b3VsaWtlEOQGIAJSCWFkeW91bGlrZRIjCghvZnRtZWRpYRD5AiACUghhcHBuZXh1c1IIb2Z0bWVkaWESHQoKbHVwb25tZWRpYRDgAiACUgpsdXBvbm1lZGlhGAIiJDJiNWVkNGIzLWJjZGYtNGM2Ni04YzFjLTE0ODFiZmNlNDg3ZCoECAMgADIHdjguMTYuMEDQD0oA&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D8842674643416426%26eid%3D8842674643416426%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dpastelink_net-box-2-8842674643416426%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26icsticky%3D1%26stl%3D157%2C14%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C899%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C5747%2C6293%2C6294%2C6295&adks=3611101832&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
aaca8b3e90f354ceb963d2ce112cd68a2dce76b711d6a802000addf0e7ffbb77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		625 B
452 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1831391554585360&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=5&didk=303732042&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698874227959&lmt=1698874227&adxs=0&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRih8q3muDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&cbidsp=CpYCCAESFQoGY3JpdGVvEJQEIAJSBmNyaXRlbxIPCgNhbXgQ9QIgAlIDYW14EhUKBm9uZXRhZxCDBCACUgZvbmV0YWcSHwoLc21pbGV3YW50ZWQQ0A8gA1ILc21pbGV3YW50ZWQSFwoHeWllbGRtbxDXAyACUgd5aWVsZG1vEiEKDHNoYXJldGhyb3VnaBD-AiACUgxzaGFyZXRocm91Z2gSGwoJYWR5b3VsaWtlEOQGIAJSCWFkeW91bGlrZRIdCgpsdXBvbm1lZGlhEOECIAJSCmx1cG9ubWVkaWEYAiIkZGNiZTg1NjAtZTBiYS00YzM3LWJjZTktMDJhMDQ0YjFjOTczKgQIAyAAMgd2OC4xNi4wQNAPSgA.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D309122679379223%26eid%3D309122679379223%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpastelink_net-edge-1-309122679379223%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295&adks=2076075791&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c80f26852c5c3cdf30041c656b2410f4805a7c1c9de9ee54854d0d08ebdce85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
273
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		636 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1831391554585360&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C300x600%7C160x600&fluid=height&ifi=6&didk=3975025521&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698874227966&lmt=1698874227&adxs=1081&adys=730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=300x250&msz=300x0&fws=4&ohw=1600&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRih8q3muDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&cbidsp=CvwCCAESGQoIcHVibWF0aWMQ7wMgAlIIcHVibWF0aWMSFQoGY3JpdGVvEJMEIAJSBmNyaXRlbxIPCgNhbXgQ9QIgAlIDYW14EjsKBm9uZXRhZxCDBBokCg83OTY1M2QzYTg4MzQ1M2YQjugDGgNVU0QoAToGCKwCENgEIAFSBm9uZXRhZxIfCgtzbWlsZXdhbnRlZBDQDyADUgtzbWlsZXdhbnRlZBIXCgd5aWVsZG1vENcDIAJSB3lpZWxkbW8SIQoMc2hhcmV0aHJvdWdoEP4CIAJSDHNoYXJldGhyb3VnaBIbCglhZHlvdWxpa2UQ5AYgAlIJYWR5b3VsaWtlEiMKCG9mdG1lZGlhEPkCIAJSCGFwcG5leHVzUghvZnRtZWRpYRIdCgpsdXBvbm1lZGlhEOACIAJSCmx1cG9ubWVkaWEYAiIkMTlkN2U2YzgtZDg3Mi00OWRiLThmNjMtMWQ5OGE3OTU5ODM0KgQIAyAAMgd2OC4xNi4wQNAPSgA.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D5694330683411829%26eid%3D5694330683411829%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D34%26al%3D1034%26compid%3D0%26tap%3Dpastelink_net-large-billboard-2-5694330683411829%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D90%26br2%3D44%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%26hb_bidder%3Donetag%26hb_adid%3D77aa9458c6f5995%26hb_format%3Dbanner%26hb_ssid%3D11291%26hb_opt%3D0.07%26hb_rt%3Dclient&adks=1940198536&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff5b2007ed12ff3da8b5dd4ba0be0783335f042fc29b63435b3df56dd02180d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		632 B
462 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1831391554585360&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=7&didk=4157619326&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698874227978&lmt=1698874227&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRih8q3muDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&cbidsp=CrECCAESGQoIcHVibWF0aWMQ7wMgAlIIcHVibWF0aWMSFQoGY3JpdGVvEJQEIAJSBmNyaXRlbxIPCgNhbXgQ9QIgAlIDYW14EhUKBm9uZXRhZxCDBCACUgZvbmV0YWcSHwoLc21pbGV3YW50ZWQQ0A8gA1ILc21pbGV3YW50ZWQSFwoHeWllbGRtbxDXAyACUgd5aWVsZG1vEiEKDHNoYXJldGhyb3VnaBD-AiACUgxzaGFyZXRocm91Z2gSGwoJYWR5b3VsaWtlEOQGIAJSCWFkeW91bGlrZRIdCgpsdXBvbm1lZGlhEOECIAJSCmx1cG9ubWVkaWEYAiIkZGU0ZjIzZmEtZjU3NS00MzE5LTk2M2QtZTc3YmQ4MTY3YzE2KgQIAyAAMgd2OC4xNi4wQNAPSgA.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D789403421351814%26eid%3D789403421351814%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpastelink_net-medrectangle-2-789403421351814%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10061%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4605%2C5747%2C6293%2C6294%2C6295&adks=3667244470&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
46741055435fbb7a9c4232d2cd616fac2e3c95a35fd8abee56d1bf4cafcea2f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		625 B
449 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1831391554585360&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=8&didk=303733059&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698874227984&lmt=1698874227&adxs=1440&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRih8q3muDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&cbidsp=CpYCCAESFQoGY3JpdGVvEJQEIAJSBmNyaXRlbxIPCgNhbXgQ9QIgAlIDYW14EhUKBm9uZXRhZxCDBCACUgZvbmV0YWcSHwoLc21pbGV3YW50ZWQQ0A8gA1ILc21pbGV3YW50ZWQSFwoHeWllbGRtbxDXAyACUgd5aWVsZG1vEiEKDHNoYXJldGhyb3VnaBD-AiACUgxzaGFyZXRocm91Z2gSGwoJYWR5b3VsaWtlEOQGIAJSCWFkeW91bGlrZRIdCgpsdXBvbm1lZGlhEOECIAJSCmx1cG9ubWVkaWEYAiIkMmY2ZDRlMTktYjJjNy00MDVmLTk0MGUtODcyNTQ3ZDc5MGQ0KgQIAyAAMgd2OC4xNi4wQNAPSgA.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D517030417358950%26eid%3D517030417358950%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpastelink_net-edge-2-517030417358950%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D90%26br2%3D44%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295&adks=3817599677&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
5742fd5f5732b0624b73dd0b75e3254f27006d05a8df9140d46096641ba86174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		624 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1831391554585360&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&didk=3113576587&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698874227997&lmt=1698874227&adxs=1081&adys=473&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=300x250&msz=300x0&fws=4&ohw=1600&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRih8q3muDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&cbidsp=CqIDCAESGQoIcHVibWF0aWMQ7wMgAlIIcHVibWF0aWMSFQoGY3JpdGVvEJMEIAJSBmNyaXRlbxIPCgNhbXgQ9QIgAlIDYW14EjsKBm9uZXRhZxCCBBokCg83ODhiYjM1YjA0ZWIyNWQQi5MCGgNVU0QoAToGCKwCEPoBIAFSBm9uZXRhZxIfCgtzbWlsZXdhbnRlZBDQDyADUgtzbWlsZXdhbnRlZBI9Cgd5aWVsZG1vENUDGiQKDzc2YTM1Mjk1ZTJhNmRjNxDhlAUaA1VTRCgBOgYIrAIQ-gEgAVIHeWllbGRtbxIhCgxzaGFyZXRocm91Z2gQ_gIgAlIMc2hhcmV0aHJvdWdoEhsKCWFkeW91bGlrZRDkBiACUglhZHlvdWxpa2USIwoIb2Z0bWVkaWEQ-QIgAlIIYXBwbmV4dXNSCG9mdG1lZGlhEh0KCmx1cG9ubWVkaWEQ4AIgAlIKbHVwb25tZWRpYRgCIiQ1NWJmMDUyNC03NjIwLTQyNjYtODZkMC02MDc1NGJiMTUyZjEqBAgDIAAyB3Y4LjE2LjBA0A9KAA..&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D5454654195382733%26eid%3D5454654195382733%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1106%26sap%3D1106%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dpastelink_net-box-1-5454654195382733%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C88%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%26hb_bidder%3Dyieldmo%26hb_adid%3D76a35295e2a6dc7%26hb_format%3Dbanner%26hb_ssid%3D11315%26hb_opt%3D0.08%26hb_rt%3Dclient&adks=2280168990&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
970358058c7a4397d9966980f7668e89c4a87f2619e9fa4d6119af1498c3396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
268
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
capi.connatix.com/tr/ 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
81f73d4e6be90221-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
connatix.player.dc.js
cds.connatix.com/p/368057/ Frame 722B
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
  • https://cds.connatix.com/p/368057/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
1 MB
296 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/368057/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cb2f9d5751adddc5dbb6b84f3acb99d61a76bf394924b8c31ee273d89165770

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
x-amz-version-id
MluEp7s3oUctSkD40wYa.cJqX4f5UGGj
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 14:04:33 GMT
server
cloudflare
etag
W/"3a2f27301e0cab1043d55c42372fbf10"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81f73d50993701f4-ZRH
access-control-allow-headers
range
expires
Thu, 31 Oct 2024 21:30:32 GMT

Redirect headers

date
Wed, 01 Nov 2023 21:30:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/368057/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
81f73d4e5d7701f4-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ0X2Vwb2NoIjoxNjk4ODc0MjI0LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTEtMDEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInRfZXBvY2giOjE2OTg4NzQyMjQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInRfZXBvY2giOjE2OTg4NzQyMjQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIzNjU3In1dfV0=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:31 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:31 GMT
fed
ups.analytics.yahoo.com/ups/58813/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://pastelink.net
content-type
application/json
access-control-allow-credentials
true
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		385 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1875508486646886&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=10&didk=303732042&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dff2e0ed0d8605e35%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MaiLXmJRIP3O2hSp9XLZBdB0BfD2w&gpic=UID%3D00000cb10214baa1%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_Mb3VUarezsVYD08yShfFzCJgQEq7g&abxe=1&dt=1698874229525&lmt=1698874229&adxs=0&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslq4ncJzW-mR8UwjCiIwrZNWrGxr1KbORdIZNWzOH3l%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRipgK7muDFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D309122679379223%26eid%3D309122679379223%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpastelink_net-edge-1-309122679379223%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%26lb%3D100%26reqt%3D1698874229513&adks=2076075791&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0fe65a17844471485a0e2cee1e8165e69027e88de76a77a3cbe0327743fc1549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		387 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=4325273897864763&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C160x600%7C300x250%7C300x600&fluid=height&ifi=11&didk=666188455&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dff2e0ed0d8605e35%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MaiLXmJRIP3O2hSp9XLZBdB0BfD2w&gpic=UID%3D00000cb10214baa1%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_Mb3VUarezsVYD08yShfFzCJgQEq7g&abxe=1&dt=1698874229531&lmt=1698874229&adxs=1081&adys=987&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=336x280&msz=336x250&fws=516&ohw=1600&psts=AOrYGslq4ncJzW-mR8UwjCiIwrZNWrGxr1KbORdIZNWzOH3l%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRipgK7muDFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D3199110881343318%26eid%3D3199110881343318%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dpastelink_net-banner-2-3199110881343318%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%26hb_bidder%3Donetag%26hb_adid%3D79653d3a883453f%26hb_format%3Dbanner%26hb_ssid%3D11291%26hb_opt%3D0.06%26hb_rt%3Dclient%26lb%3D100%26reqt%3D1698874229517&adks=2804293402&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8c7865a07da1b9d9eb1256aeda2e62e99fa0de7f5d60498357e6c6cf00bfb367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		933 B
735 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=45502344818566&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=12&didk=3466210712&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dff2e0ed0d8605e35%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MaiLXmJRIP3O2hSp9XLZBdB0BfD2w&gpic=UID%3D00000cb10214baa1%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_Mb3VUarezsVYD08yShfFzCJgQEq7g&abxe=1&dt=1698874229541&lmt=1698874229&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRipgK7muDFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=ezoic%3D1%26d%3D251786%26avc%3D92%26br1%3D0%26iid1%3D4920978483350591%26reft%3Dn%26eb_br%3Dzero%26tap%3Dpastelink_net-pixel1-4920978483350591%26ap%3D9999%26br2%3D90%26ga%3D2497208%26bvr%3D0%26bra%3Dmod182-c%26al%3D1006%26ic%3D2%26adxf%3D1%26lb%3D140%26at%3Dbf%26ss38%3D1%26ss9%3D1&adks=2114093674&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8ce315ab2156a5aace70c98db4dfef7e593bc7c9b32699492587ebf8ec53e052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
431
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		383 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=36171304706796&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=13&didk=3113486611&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D957c23cf8e7d0376%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MaRp-VdvqodsSj5LQZ6ZO5ZahJaZw&gpic=UID%3D00000cb100ad41dc%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MYIjZ-KJbVA2GUQpVaLfIW9HP7QYA&abxe=1&dt=1698874229562&lmt=1698874229&adxs=310&adys=140&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=728x90&msz=728x90&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRipgK7muDFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D8842674643416426%26eid%3D8842674643416426%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dpastelink_net-box-2-8842674643416426%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26icsticky%3D1%26stl%3D157%2C14%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C899%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%26lb%3D100%26reqt%3D1698874229547&adks=3611101832&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
65c81184188dbad62e30ef303bca3f40738d98a398fe95b39cca95b249c67765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		398 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1558314699658724&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=14&didk=4157619326&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd9acb04ff01b3edb%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MaOahL4YPKDEcIw_WhuMvMd1MWs0w&gpic=UID%3D00000cb100b23375%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbH27wQJuEq2QJ_VuIm-0rJKeNBew&abxe=1&dt=1698874229884&lmt=1698874229&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRipgK7muDFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D789403421351814%26eid%3D789403421351814%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpastelink_net-medrectangle-2-789403421351814%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10061%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4605%2C5747%2C6293%2C6294%2C6295%2C19%2C2610%2C2688%2C3045%26lb%3D140%26reqt%3D1698874229881&adks=3667244470&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2db8a17071a84db871db43c811fff45f70d7c585008ea4c173ba6967eb318642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDkyMDk3ODQ4MzM1MDU5MSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJwYXN0ZWxpbmtfbmV0LXBpeGVsMSIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:31 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:31 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		396 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=3379529452683629&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C300x600%7C160x600&fluid=height&ifi=15&didk=3975025521&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Df06204d5677ae314%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MZXiS239y09eOrPbynh6ew221EFuQ&gpic=UID%3D00000cb102362b68%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MayksNvmVH9dtxIRyxSP-dUCIMYzg&abxe=1&dt=1698874230161&lmt=1698874230&adxs=1081&adys=730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=300x250&msz=300x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRipgK7muDFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D5694330683411829%26eid%3D5694330683411829%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D34%26al%3D1034%26compid%3D0%26tap%3Dpastelink_net-large-billboard-2-5694330683411829%26eb_br%3Dfe5b0c99ab7ba15f050582be1301303f%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D46%26br2%3D44%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C2693%2C3045%2C4276%26hb_bidder%3Donetag%26hb_adid%3D77aa9458c6f5995%26hb_format%3Dbanner%26hb_ssid%3D11291%26hb_opt%3D0.07%26hb_rt%3Dclient%26lb%3D90%26reqt%3D1698874230158&adks=1940198536&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
97f44af88ef007d4448a88be4dbb10ef5174255be2dfb30d653ea18fd79751f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		391 B
221 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=282641360252487&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=16&didk=303733059&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3De4c1a5be2bad0ae0%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MYWH-qWDiRlH9_svJvZlu7R2Ct0CA&gpic=UID%3D00000cb100a95613%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MZR3Lx2YlaRt_rz9Z-nWV4FkfNYgw&abxe=1&dt=1698874230404&lmt=1698874230&adxs=1440&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRipgK7muDFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D517030417358950%26eid%3D517030417358950%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpastelink_net-edge-2-517030417358950%26eb_br%3Dfe5b0c99ab7ba15f050582be1301303f%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D46%26br2%3D44%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C2693%2C3045%2C4276%26lb%3D90%26reqt%3D1698874230400&adks=3817599677&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4791b946c38fb7a1b5312cdda6648ebf26545b66ab5442ca55e8e5b3fbc30745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		390 B
216 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=222848418480262&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=17&didk=3113576587&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874230664&lmt=1698874230&adxs=1081&adys=473&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=300x250&msz=300x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRipgK7muDFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBii8q3muDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D5454654195382733%26eid%3D5454654195382733%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1106%26sap%3D1106%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dpastelink_net-box-1-5454654195382733%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C88%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%26hb_bidder%3Dyieldmo%26hb_adid%3D76a35295e2a6dc7%26hb_format%3Dbanner%26hb_ssid%3D11315%26hb_opt%3D0.08%26hb_rt%3Dclient%26lb%3D100%26reqt%3D1698874230659&adks=2280168990&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
39596e30c50151227833090f7ad2aabb5046c4a4ae5e326a6735e6c97f0727f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&rid=esp&cc=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
afcd7eae5d0720a264f530e379454b66d413ceb9c11c333da026a8cc2c1cb54d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-CAXoe0TUmZ0jf/rHdFKI53DLOeU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 01 Nov 2023 21:30:31 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://pastelink.net
location
/esp?url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 01 Nov 2023 21:30:31 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
191459
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		0
0
fed
ups.analytics.yahoo.com/ups/58713/ 		0
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58713/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://pastelink.net/3t5ilv84&pixelId=58713
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://pastelink.net
content-type
application/json
access-control-allow-credentials
true
content-length
0
json
gum.criteo.com/sid/ 		2 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
207629
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=524&_it=prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9d6e081cf4d79d85207e094fb7a4c2e56eec4439d36f2a9192e7fafacfb1e4

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
81f73d4c6ce66728-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Wed, 01 Nov 2023 21:30:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		152 B
902 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d76a32c0f67bc0afd51c84000c98148846f284257b7ed16c437b0a21f3ac44c4

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://pastelink.net
cache-control
no-cache
x-server
10.45.10.149
access-control-allow-credentials
true
content-length
152
expires
0
pbcas
ads.yieldmo.com/ Frame E079 		908 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.46.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-46-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ea91280f0bd697d996db882b3b493fddcd2870c0bf2f2b0c24f382249eb48a96

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 01 Nov 2023 21:30:30 GMT
pragma
no-cache
vary
accept-encoding
isync
visitor.omnitagjs.com/visitor/ Frame 1E5B 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
85e0cee6200391ca019396a438c1c3d4886d0416015acc2d276d815726c39ed0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1486
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 21:30:31 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
x-kong-upstream-latency
9
async_usersync.html
acdn.adnxs.com/dmp/ Frame 61DF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
41654
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 21:30:31 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3027, 356053
X-Served-By
cache-lga13626-LGA, cache-ams21055-AMS
X-Timer
S1698874231.151281,VS0,VE0
sync-all.html
adxbid.info/ Frame 3BCB 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.98.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be16dce573945b7bbc66dd1eb20fa5949d17d6585f48b2f1ccfa6e7db7240dc6

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f73d4c5e6f1ca6-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:31 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLZMa3BWU1dzPgGSkMafkLAC%2BqmrDrw7tTlCpRc4jJ6vljy5NxyS3Pnw%2B9YujeQzfL1vokIPMrfiSyeH3BD0cNGPdlWWkZHwJIfssFD%2Fk7P%2BTjNjSYdkpGFwjZ%2FxFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7246 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=65643
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 21:30:30 GMT
expires
Thu, 02 Nov 2023 15:44:33 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 21BF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1698874226426
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
048cb71d60d734592926adfb473a3ea744471ff77aa8dfbb03a3a242fbbe3318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1407
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame F1A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 01 Nov 2023 21:30:30 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
csync.smilewanted.com/ Frame 8C1B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81f73d478bae0a7b-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 21:30:31 GMT
server
cloudflare
vary
Accept-Encoding
c.gif
c.bing.com/ 		42 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=STMS_pd&uid=a7f5f8eb-4037-4c33-8fd6-62c0189e5fad&gpp=&gpp_sid=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 71F883921A89426D8D38D9397931D8B2 Ref B: AMS04EDGE1411 Ref C: 2023-11-01T21:30:32Z
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
sync
ssbsync.smartadserver.com/api/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG9UQG6-5-KAQ8&gdpr=0
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG9UQG6-5-KAQ8&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Server
18.194.76.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-76-100.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG9UQG6-5-KAQ8&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
usersync.aspx
dis.criteo.com/dis/ 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06%26source_user_id%3D%40%40CRITEO_USERID%40%40&gpp=&gpp_sid=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
209593
expires
Wed, 01 Nov 2023 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Wed, 01 Nov 2023 21:30:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
img
sync.mathtag.com/sync/ Frame 21BF 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x27 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:31 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x27 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 01 Nov 2023 21:30:30 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 21BF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 21BF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2393881630050333936
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2393881630050333936
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
an-x-request-uuid
e00902b5-4b46-4b23-a3f7-bf997bfc404c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2393881630050333936
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 21BF
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=319e643acfc0d19b31ebccfe6c174&gdpr_consent=&gdpr=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=319e643acfc0d19b31ebccfe6c174&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:31 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=319e643acfc0d19b31ebccfe6c174&gdpr_consent=&gdpr=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698874231331037-582
Expires
Wed, 01 Nov 2023 21:30:31 GMT
tap.php
pixel.rubiconproject.com/ Frame 21BF 		42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=ZVLyMR0Dr3roIgIAg8pgNZ_YvfhvsGFiE0OIxai4wxU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 21BF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLiOz0Azf5r7jgnQZra-c3_ZqlyuAXSQ
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLiOz0Azf5r7jgnQZra-c3_ZqlyuAXSQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLiOz0Azf5r7jgnQZra-c3_ZqlyuAXSQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 21BF 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 21BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 21BF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WPX8ZVDTM6VXK5YFBVBD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 21BF 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:30 GMT
content-length
0
/
onetag-sys.com/match/ Frame 21BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 21BF 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 21BF 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 21BF 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698874226426
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.92.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-92-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync
ads.yieldmo.com/ Frame E079
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LOG9UQC7-1Q-A58P
43 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LOG9UQC7-1Q-A58P
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.19.46.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-46-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LOG9UQC7-1Q-A58P
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
sync
ads.yieldmo.com/v000/ Frame E079
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEBfh1feXl-D_ce87VgqLDh4&google_cver=1
43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEBfh1feXl-D_ce87VgqLDh4&google_cver=1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.19.46.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-46-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEBfh1feXl-D_ce87VgqLDh4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E079 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3FE9___OOM_49ltyyzsb
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ads.yieldmo.com/v000/ Frame E079
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
  • https://ads.yieldmo.com/v000/sync?userid=ujBaf8EMJnl3&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=ujBaf8EMJnl3&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.19.46.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-46-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://ads.yieldmo.com/v000/sync?userid=ujBaf8EMJnl3&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-7hdhf
expires
-1
RX-18b3309c-1213-4463-ae3b-59c8e198f501-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame E079
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1698874231284
  • https://ad.turn.com/r/cs?pid=45&rndcb=1225412530
  • https://sync.1rx.io/usersync/turn/9119690413696387230?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-18b3309c-1213-4463-ae3b-59c...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003
0
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
81f73d561edf0a7b-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

Redirect headers

location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003
date
Wed, 01 Nov 2023 21:30:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX18b3309c12134463ae3b59c8e198f501003
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 7246 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99695644&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
a8a0693d95e59016bded7bcb8e9e16448cf6cad486358cf9d46df952e75e6e2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 21:30:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
map
bcp.crwdcntrl.net/6/ 		235 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.54.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-54-88.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
38d24b8ee4fa72b4dfa7c973ce582e199058011a870cfbb2b302713b43cc9a7d

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://pastelink.net
cache-control
no-cache
x-server
10.45.6.27
access-control-allow-credentials
true
content-length
235
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=2001360792713590&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C160x600%7C300x250%7C300x600&fluid=height&ifi=18&didk=666188455&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874231057&lmt=1698874231&adxs=1081&adys=987&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=336x280&msz=336x250&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYovKt5rgxSABSAghkEhsKDDMzYWNyb3NzLmNvbRii8q3muDFIAFICCGQSGQoKcHViY2lkLm9yZxii8q3muDFIAFICCGQSGAoJeWFob28uY29tGKmArua4MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D3199110881343318%26eid%3D3199110881343318%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dpastelink_net-banner-2-3199110881343318%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26hb_bidder%3Donetag%26hb_adid%3D79653d3a883453f%26hb_format%3Dbanner%26hb_ssid%3D11291%26hb_opt%3D0.06%26hb_rt%3Dclient%26lb%3D50%26reqt%3D1698874230038%26adxf%3D1%26nam%3D1%26ss38%3D1%26ss9%3D1&adks=2804293402&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
707ddb43b139bb8c34f6815e1aa134629f7776ca24aa1e63b25af3db9c29191d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11989
x-xss-protection
0
google-lineitem-id
5728075597
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354426964
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		391 B
217 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=4463202977377768&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=19&didk=303732042&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874231063&lmt=1698874231&adxs=0&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYovKt5rgxSABSAghkEhsKDDMzYWNyb3NzLmNvbRii8q3muDFIAFICCGQSGQoKcHViY2lkLm9yZxii8q3muDFIAFICCGQSGAoJeWFob28uY29tGKmArua4MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D309122679379223%26eid%3D309122679379223%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpastelink_net-edge-1-309122679379223%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D50%26reqt%3D1698874230030%26adxf%3D1%26ss38%3D1%26ss9%3D1&adks=2076075791&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bb370110f64dfcaf5d851a20e610037840980ee2627b4507b3427cf8a2e37124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%2...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=2393881630050333936&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=2393881630050333936&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
an-x-request-uuid
8b8a4b87-d548-496e-a84f-96d8198605ba
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=2393881630050333936&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a0...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=2393881630050333936&gdpr=0&gdpr_consent=&gdpr=0&gd...
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=2393881630050333936&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
an-x-request-uuid
d26b2fff-a6d8-4763-a8f5-5328726afe57
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=2393881630050333936&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=UqIsYjPXXLk7C02d2KjJ&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=UqIsYjPXXLk7C02d2KjJ&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=UqIsYjPXXLk7C02d2KjJ&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT, Wed, 01 Nov 2023 21:30:31 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adyoulike&ssp_user_id=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-sBgcdfhE2pl.llV5fnzobKhOTnC5Q0KhghGQ0Q--~A&expires=5&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9a5353ba-e71e-4f61-9897-398e51822172&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9a5353ba-e71e-4f61-9897-398e51822172&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9a5353ba-e71e-4f61-9897-398e51822172&name=BIDSWITCH&gdpr=&gdpr_consent=
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ayl_pixel
api-2-0.spot.im/pixels/ Frame 1E5B 		0
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=30a0d0a5b0d2fda97ba91eee36d9525e
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-48.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
O0Rch12CH7zGU951_mnAj-x5De-C-Pj6BgMRF5vSnnZd4zumtgnP9Q==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAENY07KhYcAABg2xplsjQ&name=BEESWAX
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAENY07KhYcAABg2xplsjQ&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAENY07KhYcAABg2xplsjQ&name=BEESWAX
Date
Wed, 01 Nov 2023 21:30:32 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De770...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=18a17799546f92b1f52d3755048e88d2&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=18a17799546f92b1f52d3755048e88d2&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
13
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

date
Wed, 01 Nov 2023 21:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=18a17799546f92b1f52d3755048e88d2&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
81f73d48bd320a7b-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
generic
match.adsrvr.org/track/cmf/ Frame 1E5B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
csync.loopme.me/ Frame 1E5B 		0
0
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
0
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
205
Content-Type
text/html; charset=utf-8
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visit...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
201
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 1E5B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2393881630050333936
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2393881630050333936
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
an-x-request-uuid
21ed92a8-ef6a-4276-a89c-5ee250e70ab0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2393881630050333936
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adyoulike
sync.adotmob.com/cookie/ Frame 1E5B 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-ed123e2f-fa20-58ba-40a8-5af76122dbc9$ip$85.218.70.160&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-ed123e2f-fa20-58ba-40a8-5af76122dbc9$ip$85.218.70.160&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-ed123e2f-fa20-58ba-40a8-5af76122dbc9$ip$85.218.70.160&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Wed, 01 Nov 2023 21:30:32 GMT
Connection
keep-alive
Content-Length
219
Content-Type
text/html; charset=utf-8
101967
jadserve.postrelease.com/suid/ Frame 1E5B 		43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.105.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-105-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=6ba0b4a4-fbcf-5432-8913-f696ec5135ee&name=BETWEENX&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=6ba0b4a4-fbcf-5432-8913-f696ec5135ee&name=BETWEENX&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
10
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=6ba0b4a4-fbcf-5432-8913-f696ec5135ee&name=BETWEENX&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 1E5B
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=3b230d7754c34b8dab8f1c175ec68a62&gdpr=0&gdpr_consent=
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=3b230d7754c34b8dab8f1c175ec68a62&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

date
Wed, 01 Nov 2023 21:30:32 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=3b230d7754c34b8dab8f1c175ec68a62&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
0
x-xss-protection
0
pixel
ap.lijit.com/ Frame 1E5B 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Nov 2023 21:30:32 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cookiesync
bttrack.com/pixel/ Frame 1E5B 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.69.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Wed, 01 Nov 2023 21:29:44 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
711333.gif
id.rlcdn.com/ Frame 1E5B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame 3DD9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 21:30:31 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 01 Nov 2023 21:30:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame B93B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 21:30:32 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 01 Nov 2023 21:30:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame D0AA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
6ddc26cc39b8b285a3802dc9fd6fbb5487d8f426f0aa2ac53006bf3a3421e9c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1462
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame DF7D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 21:30:31 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 01 Nov 2023 21:30:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame A7CB 		890 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
fa23132735379ba3a4e870aa325f80c4792f1be7d1ac9ab1b4563ef3d9702816

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
890
content-type
text/html
date
Wed, 01 Nov 2023 21:30:31 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		389 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=2888869175896744&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=20&didk=3113486611&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874231128&lmt=1698874231&adxs=310&adys=140&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=728x90&msz=728x90&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYovKt5rgxSABSAghkEhsKDDMzYWNyb3NzLmNvbRii8q3muDFIAFICCGQSGQoKcHViY2lkLm9yZxii8q3muDFIAFICCGQSGAoJeWFob28uY29tGKmArua4MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRii8q3muDFIAFICCGQSFwoIcnRiaG91c2UYovKt5rgxSABSAghkEhQKBW9wZW54GKLyrea4MUgAUgIIZBIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YovKt5rgxSABSAghk&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D8842674643416426%26eid%3D8842674643416426%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dpastelink_net-box-2-8842674643416426%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26icsticky%3D1%26stl%3D157%2C14%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C899%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D50%26reqt%3D1698874230065%26adxf%3D1%26ss38%3D1%26ss9%3D1&adks=3611101832&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6d989a137e0bcaf45b9249baa60d31eaa581c044a08b5e21f813f3fd0f3c8a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
607c66d6b4faa9b281256002781e328f532d10ffb5b6ee85fdb1bd62bee24f08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Wed, 01 Nov 2023 21:30:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D0AA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLiglhBCFbYIOHml4yVK-boqAQXTCf5w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLiglhBCFbYIOHml4yVK-boqAQXTCf5w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLiglhBCFbYIOHml4yVK-boqAQXTCf5w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame D0AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame D0AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame D0AA 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:31 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 01 Nov 2023 21:30:30 GMT
/
onetag-sys.com/match/ Frame D0AA
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LOG9UQF5-U-I57A&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LOG9UQF5-U-I57A&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LOG9UQF5-U-I57A&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
/
onetag-sys.com/match/ Frame D0AA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
an-x-request-uuid
37a867f2-bda0-4163-ba1d-147fe4d3a8b2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame D0AA
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:31 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698874231685025-587
Expires
Wed, 01 Nov 2023 21:30:31 GMT
tap.php
pixel.rubiconproject.com/ Frame D0AA 		42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=tXWjGLATfItW3x2YwXPc_L_Ju9Sz_LVAkvCJV64mBdY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame D0AA
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
date
Wed, 01 Nov 2023 21:30:31 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame D0AA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WEX5TD79M8KGJM8HH5C1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Pug
simage2.pubmatic.com/AdServer/ Frame D0AA
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2393881630050333936
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2393881630050333936
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
an-x-request-uuid
85742be6-b48b-4d29-888c-e487b0bd5093
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2393881630050333936
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame D0AA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
date
Wed, 01 Nov 2023 21:30:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame D0AA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame D0AA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-sBgcdfhE2pl.llV5fnzobKhOTnC5Q0KhghGQ0Q--~A&expires=5&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame D0AA 		49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=tXWjGLATfItW3x2YwXPc_L_Ju9Sz_LVAkvCJV64mBdY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 8C1B 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1692548
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
81f73d49cec70a7b-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame 61DF 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
an-x-request-uuid
daf405dd-b554-4d04-bcb8-3072f21abf7b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
syncframe
gum.criteo.com/ Frame C343 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 21:30:31 GMT
server
Kestrel
server-processing-duration-in-ticks
311514
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ 		398 B
231 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=4492869276270790&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=21&didk=4157619326&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874231521&lmt=1698874231&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDgyNmI5NmYzY2FlODQyMjI1YmFkNDY5MGRmY2JlMzIyNDZiMGU2NDM5Mzk3YjllM2MyY2IwNDg0OGIwNzQyMWQY1ZWu5rgxSAASGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIYCgl5YWhvby5jb20YqYCu5rgxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGKLyrea4MUgAUgIIZBIXCghydGJob3VzZRii8q3muDFIAFICCGQSFAoFb3BlbngYovKt5rgxSABSAghkEhkKCnVpZGFwaS5jb20YovKt5rgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjvkq7muDFIAFICCGo.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D789403421351814%26eid%3D789403421351814%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpastelink_net-medrectangle-2-789403421351814%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26ebss%3D10061%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4605%2C5747%2C6293%2C6294%2C6295%2C19%2C2610%2C2688%2C3045%2C18%2C19%2C1428%2C2610%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D70%26reqt%3D1698874230388&adks=3667244470&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
641722c8b7f9d9505d23675a925c474d4384dd24889195c0366a9d60aec0362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame A7CB 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=4620150274202798648&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
10
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame A7CB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=smartadserver
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=7RI-L_ogWLpAqFr3YSLbyVXaRqA&user_group=1&ssp=smartadserver&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame A7CB
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDYyMDE1MDI3NDIwMjc5ODY0OA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDYyMDE1MDI3NDIwMjc5ODY0OA==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDYyMDE1MDI3NDIwMjc5ODY0OA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
generic
match.adsrvr.org/track/cmf/ Frame A7CB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame A7CB
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDYyMDE1MDI3NDIwMjc5ODY0OA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKxoeb6cmVTBzI8qKATbNWs&gdpr=0&gdpr_consent=&google_cver=1
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKxoeb6cmVTBzI8qKATbNWs&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKxoeb6cmVTBzI8qKATbNWs&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame A588 		572 B
805 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3cb2998606348bb67bb449d2d66d401316b1bd4dcf2d9305591e76a32a65c989

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
379
content-type
text/html
date
Wed, 01 Nov 2023 21:30:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usersync.aspx
dis.criteo.com/dis/ Frame 0443 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 21:30:31 GMT
expires
Wed, 01 Nov 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
203913
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame AE61
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B3ABD658-6510-47A0-8543-FE669B89DF5B&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B3ABD658-6510-47A0-8543-FE669B89DF5B&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B3ABD658-6510-47A0-8543-FE669B89DF5B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 01 Nov 2023 21:30:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FPBXMHAYKMTEB28T6XH9

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 01 Nov 2023 21:30:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B3ABD658-6510-47A0-8543-FE669B89DF5B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CKC934EJAF8NY0745K98
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame ADA9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wyojXpYsIFTYKyAIzCw6XJd-IFnYeScPwi_wLMRb
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
7

Redirect headers

cache-control
private,max-age=86400
content-length
220
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:31 GMT
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 3DAE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2393881630050333936&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2393881630050333936&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 21:30:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
368bb049-1fa9-4128-9c22-c67509b51ea7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:31 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2393881630050333936&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame B476
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296609266459408536&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
3

Redirect headers

cache-control
private,max-age=86400
content-length
220
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:31 GMT
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 800B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_ad34fc1b-3f75-4745-8107-dec66bbd9587&bsw_param=9a5353ba-e71e-4f61-9897-398e51822172&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Wed, 01 Nov 2023 21:30:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 01 Nov 2023 21:30:32 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame ABBE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7RI-L_ogWLpAqFr3YSLbyVXaRqA&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
6

Redirect headers

cache-control
private,max-age=86400
content-length
220
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:32 GMT
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
csync.loopme.me/ Frame CFFB 		0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 4907
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZULDeAAAArVjVAAU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 01 Nov 2023 21:30:32 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21045-AMS
x-timer
S1698874232.267806,VS0,VE90

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Wed, 01 Nov 2023 21:30:32 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZULDeAAAArVjVAAU
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21045-AMS
x-timer
S1698874232.088916,VS0,VE90
/
onetag-sys.com/match/ Frame 846B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNGhFN0toWWNBQUJqN2h0UU91QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAE4hE7KhYcAABj7htQOuA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4620150274202798648&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAE4hE7KhYcAABj7htQOuA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4620150274202798648%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4620150274202798648&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAE4hE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE4hE7KhYcAABj7htQOuA&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
157
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:33 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 1B91
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUadfb157e88884077b43e7bb06bc044f5
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
14

Redirect headers

cache-control
private,max-age=86400
content-length
220
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:30 GMT
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 27F3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
15

Redirect headers

cache-control
private,max-age=86400
content-length
220
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:30 GMT
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bridge
cm.adgrx.com/ Frame B403 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
cm
ipac.ctnsnet.com/int/ Frame 725D 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 01 Nov 2023 21:30:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 2E9C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8317966665527016768
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
10

Redirect headers

cache-control
private,max-age=86400
content-length
220
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:32 GMT
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 6022
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329301776830
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
7

Redirect headers

cache-control
private,max-age=86400
content-length
220
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 21:30:32 GMT
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookiesync
core.iprom.net/ Frame 181B 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 01 Nov 2023 21:30:32 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-c45d02156b9e@version_1.575
X-core-time
0ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame E9C1 		0
0
i.match
s.tribalfusion.com/z/ Frame 61E0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81f73d522967f0f8-CDG
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81f73d509ed9f0f8-CDG
content-type
text/html
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
187
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7246
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s6vWWGUQR6CFQ_5mm4nfWw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=65641
accept-ranges
bytes
content-length
5606
expires
Thu, 02 Nov 2023 15:44:33 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 7246 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.54.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-54-88.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.62
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 7246
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=382873761
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=382873761
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
via
1.1 google
last-modified
Wed, 01 Nov 2023 21:30:32 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:31 GMT
via
1.1 google
last-modified
Wed, 01 Nov 2023 21:30:32 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=382873761
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
match
a.audrte.com/ Frame 7246 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.141.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-141-210.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 7246
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjNBQkQ2NTgtNjUxMC00N0EwLTg1NDMtRkU2NjlCODlERjVC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 7246
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI30_bqJ34ZRup-FmkQa_Bg&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 21:30:31 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
pubmatic
um.simpli.fi/ Frame 7246 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 31 Oct 2023 21:30:32 GMT
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 7246
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=770273705208909224
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 7246 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
B3ABD658-6510-47A0-8543-FE669B89DF5B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7246 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B3ABD658-6510-47A0-8543-FE669B89DF5B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.22.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-22-214.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 7246
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-87Nwz51E2uXImq2foVdP44m_dWAOsSQ-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-87Nwz51E2uXImq2foVdP44m_dWAOsSQ-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-87Nwz51E2uXImq2foVdP44m_dWAOsSQ-~A&gdpr=0
date
Wed, 01 Nov 2023 21:30:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 7246
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=24381f8a-062e-473d-bf9e-cc834db2ecca-6542c378-4348&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
16
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
ImgSync
image8.pubmatic.com/AdServer/ Frame 7246
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9191748007734315166&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 7246
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=16ef43cb3931931&is_secure=true&networkId=17100&version=1&nuid=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIDD6btsPpUgMCuWDgAAAAAAA&expiration=1698960632&nuid=B3ABD658-6510-47A0-8543-FE669B89DF5B&...
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIDD6btsPpUgMCuWDgAAAAAAA&expiration=1698960632&nuid=B3ABD658-6510-47A0-8543-FE669B89DF5B&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIDD6btsPpUgMCuWDgAAAAAAA&expiration=1698960632&nuid=B3ABD658-6510-47A0-8543-FE669B89DF5B&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 7246
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:52e6de76-f6f2-4f38-927e-3e58c737e32f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B3ABD658-6510-47A0-8543-FE669B89DF5B&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 3F1C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstliCe0VQ3A36S6p4NcGbjP548kktS7ZH_Lp3AeMN_6QW_6ovKQsNZlqhXnZ0iepO0PKGBTDh6jHSFgZ_L44ihiBVtwbbwoB9MZ1q6fOwVFcgzuOU4ErWjuMx7IqdtdjbQigsIciJArn24qyXu6KWbdXRf5EVmFGCLC4KivCDivTYL-or4FTWlFSK26XlgfUN_BgtMtQQwykFg1QvxkwawX8VrA1KJRYrBUvpAgZ5by05C22G3XKdo28s7CEylIBDHomHNasFtjGnUQADWDSk88aXjgBgcJ0UhYeWY9CPpZAtE2cacqYpSu-TZg02Bka76WwPtakwppygLbWsJL_0b1OilhKdGQ-o74VeJtPPOZ3Q&sai=AMfl-YRS99wbxV0syntDM7AzsUtocFjt5ohLznRYHw2tXX5XAmqJchRS5UNHHYygJWZdNDLYdSzR3lc6JDyUxdijrvm58CiO2ESseO0na9ACkq1Zcvgg0WH53kJwde2Zr_o&sig=Cg0ArKJSzL4IvQGq7VKXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
BannerAdBannerPlacement.js
onetag-sys.com/static/ Frame 3F1C 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
d8a73607bb37cfd6ada8a3bcdd55aa671988b829b76e9d15833885b8a94f7bf9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security
max-age=15552000
cache-control
public, max-age=2628000, immutable
content-encoding
gzip
content-length
8618
vary
accept-encoding
content-type
application/javascript
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzE5OTExMDg4MTM0MzMxOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYmFubmVyLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAuMDAwMDYyNDc3NjQxNzk5OTk5OTksImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDYyNDc3NjQxNzk5OTk5OTksImJpZF9mbG9vcl9wcmV2Ijo2LCJzdGF0X3NvdXJjZV9pZCI6MTEyOTEsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoic3RhdF9zb3VyY2VfaWQiLCJ2YWwiOiIxMTI5MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzE5OTExMDg4MTM0MzMxOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYmFubmVyLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAuMDAwMDYyNDc3NjQxNzk5OTk5OTksImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDYyNDc3NjQxNzk5OTk5OTksImJpZF9mbG9vcl9wcmV2Ijo2LCJzdGF0X3NvdXJjZV9pZCI6MTEyOTEsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzE5OTExMDg4MTM0MzMxOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYmFubmVyLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIzM2RkNTIzZjhlNGRkYTE1OGYwYWE5OTY4NmRkYTdmMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzE5OTExMDg4MTM0MzMxOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYmFubmVyLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJtZWRpYV90eXBlIiwidmFsIjoiYmFubmVyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMTk5MTEwODgxMzQzMzE4IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InByZWJpZF9zb3VyY2UiLCJ2YWwiOiJjbGllbnQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:32 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzE5OTExMDg4MTM0MzMxOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYmFubmVyLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:31 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F1C 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:32 GMT
ping
onetag-sys.com/v2/ Frame 3F1C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=hZtrnkzv_CQvcR6h967m6zaFwC3ApiZ3wTbLKsBajimtQTcFZIIgtVLv0pKoGfi59nhiVB3kT5G36MAgSKebaNnfXEGapyCwBv8HkZm7NBy8jDvi2iMCtDv0nZO23LwZSGlzDfq3W94nEnJOgbrIah2HO9O3q_SG8W9DDMN-hnchcjoOc1GwNcNY8beq6EoXiZClPM0xnYHc6ArDLnp9o_hywxzOXX_RwHdt9oHV072sXBYWRVRYSYQWX-uRxCQcHngD9ynr7IQbYQKiApRdm3FeugzSdEJKgWCQGnq67FTp1VGbZVj4-sROmnw3yO2VYK18UyFtK0940Cj2gIRXWvm3R2ZYSjt0hnxPNOLXCe8Iv-1Tm5aTvxPruAGFRAsWcnIrd2KZKJ0_vqHuVdWQpz76edlpyrmvxrMpRDRODD81EPmOAR-aX8oae_otDOoD4149IlqEYxbl57I3PTHyrox-VE_H3p-hsTKh1UcoilxMLjfHaEMRcPzXhnR7bCAWU7SPjkfL5CK4-L7qiMtvFo6fCGVYGMb3SNayhW5IKcqB8UANi5LXLmMko0apDLMlFE9v9VcZR_tn87aHTy8tmUHvmTrKeJfwjtnEhiSMFb25hNfp4rU9n41n3RbJiEkcWHY1j-Osdxp3bBswx1SfImu-0GAOMoFje-4zg84IvnYuf2m1NwuXyeXfMYyXlU_pMOXhgOlj5nYbm3Mq7OFl1g&event=115&price=&click=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ0X2Vwb2NoIjoxNjk4ODc0MjI0LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjY5MTMifV19XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:32 GMT
ezadfilled.js
go.ezodn.com/porpoiseant/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/ezadfilled.js?gcb=195-0&cb=126
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adbd4855a8c8b406e9f528883f91e4cad19d3051400f5bdba7dadf446a8d6815

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 02:07:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
69793
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW%2FqQLPzOxg%2BBrR2wuTMRbd2zZ%2Bq0s37PjFqz%2B5DP4K5HRhmX6D0BjLqIFurn96Cmt2ySXZ%2BvlVFwy%2FS13fcW2KAGSpKzmK5JA337KZ%2F04X%2F2LTM0Ho41w5urhn4KYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81f73d4e4cf80a50-AMS
alt-svc
h3=":443"; ma=86400
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzE5OTExMDg4MTM0MzMxOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYmFubmVyLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk2NCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzU0NDI2OTY0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMTk5MTEwODgxMzQzMzE4IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1NzI4MDc1NTk3LCJjcmVhdGl2ZV9pZCI6MTM4MzU0NDI2OTY0LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI1NzI4MDc1NTk3In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:32 GMT
5728075597
go.ezodn.com/dac/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/dac/5728075597
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-0&bv=279&v=100&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1071
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Wed, 01 Nov 2023 21:11:29 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://pastelink.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GNSks8t5epe%2Bqs36d1Hv0rThO1jxJ0SCDWemPAIbnJkv1hQYm3ztXXAo%2F3Cao%2FjHPsVp%2Bn5YsBR%2BareajXgF71X2BrPI%2FBKlxO6vlt%2Bd3lV%2FoEP5BQpqG1Q6oqcV0Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
81f73d4e686d6698-AMS
access-control-allow-headers
Content-Type
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzE5OTExMDg4MTM0MzMxOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYmFubmVyLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk2NCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTEtMDEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:33 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzE5OTExMDg4MTM0MzMxOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYmFubmVyLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImF1Y3Rpb25fZXBvY2giOjE2OTg4NzQyMzIsImFkX3Bvc2l0aW9uIjoxMTA5LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEwMCwiYmlkX2Zsb29yX3ByZXYiOjUwLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo4MzEsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5N31d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:33 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzA5MTIyNjc5Mzc5MjIzIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:32 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODg0MjY3NDY0MzQxNjQyNiIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:32 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame A68E 		0
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81f73d4e6ce80a7b-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 21:30:32 GMT
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame DF7D 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6aad608c392bc7481be6731e6c486c32916ec8070612373d0628247c1545f5f6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 04:17:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24388
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 04:17:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3DD9 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6aad608c392bc7481be6731e6c486c32916ec8070612373d0628247c1545f5f6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 04:17:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24388
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 04:17:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=4174304091660842&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C300x600%7C160x600&fluid=height&ifi=22&didk=3975025521&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874232045&lmt=1698874232&adxs=1081&adys=730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=300x250&msz=300x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskpwxyPl0juW41j1rkrlLUQcvXvzA5mH222Y6atNDpOrr8h3eAFatle8b9o_FK8xUYBsoAICPC98x-_%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDgyNmI5NmYzY2FlODQyMjI1YmFkNDY5MGRmY2JlMzIyNDZiMGU2NDM5Mzk3YjllM2MyY2IwNDg0OGIwNzQyMWQY1ZWu5rgxSAASGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIYCgl5YWhvby5jb20YqYCu5rgxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGKLyrea4MUgAUgIIZBIXCghydGJob3VzZRii8q3muDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZGxwNlpqWjVOV3BUYUVkS2JVUlRZWFJMVlV3d1VUMDlJbjA9GISWrua4MUgAEhkKCnVpZGFwaS5jb20YovKt5rgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjvkq7muDFIAFICCGo.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D5694330683411829%26eid%3D5694330683411829%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D34%26al%3D1034%26compid%3D0%26tap%3Dpastelink_net-large-billboard-2-5694330683411829%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D44%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C2693%2C3045%2C4276%2C18%2C1428%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26hb_bidder%3Donetag%26hb_adid%3D77aa9458c6f5995%26hb_format%3Dbanner%26hb_ssid%3D11291%26hb_opt%3D0.07%26hb_rt%3Dclient%26lb%3D46%26reqt%3D1698874230684%26adxf%3D1%26nam%3D1%26ss38%3D1%26ss9%3D1&adks=1940198536&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a938a2150d786d29c45dce07f3ba0b81eb04ca3f9da2d7688d06058509ba2c5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11984
x-xss-protection
0
google-lineitem-id
5728075597
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354426988
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 1DBC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
d851b241b34cdb2839594f11db847375c382c26c2a5bb38e5229cca93f178ed2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1451
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame 7026 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 01 Nov 2023 21:30:32 GMT
X-Sovrn-Pod
ad_ap6ams1
getuid
eb2.3lift.com/ Frame 3BCB 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 82CE 		281 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGP3EuPkBMAE&v=APEucNXnV3v_uUcF-QanxUNJOhh-KPb5EEamvzhdVb1uC_2N1mAG6FRX8xM0lYW8vdkh3RZimyESi3PoDWc5vLLBrSH0TjUN961VJbVVtXaxjR3jX_SPAQ4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 21:30:32 GMT
expires
Wed, 01 Nov 2023 21:30:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9024 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:32 GMT
adview
adx.g.doubleclick.net/pagead/ Frame 9024
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.112908/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RCo79VcsNCZbbaBda5nsEPh-OA0AO7x529c5yq-IH2EZEvEAEgg__3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPq...
  • https://adx.g.doubleclick.net/pagead/adview?ai=Co79VcsNCZbbaBda5nsEPh-OA0AO7x529c5yq-IH2EZEvEAEgg_3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9D-Ad-VahThHmjiA_0iKrfOPAJ879vn3Nw49MKvPkyQ3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.g.doubleclick.net/pagead/adview?ai=Co79VcsNCZbbaBda5nsEPh-OA0AO7x529c5yq-IH2EZEvEAEgg_3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9D-Ad-VahThHmjiA_0iKrfOPAJ879vn3Nw49MKvPkyQ3bq8MKQmeiaYb6PwyfW4Y6jMlR4oFasjaJcoPPFA0z-6J2YHaPYyOYLHIM4VAiF0xcjHRehwvAXKjB5jCKt8B2wdIUMeo65_9mlCgkQjzc1QrlDpllKO7kgyh93SzNDohUevKGD0IUKDTe-LuHloPaxvJ5qE48BAQk1XLfe9BjKssKXyT1gRw-NZ8ouvJsc9LF8jFoDqPcHcwvRqyklcMeMfcfBrIXfnqQ2R4zPCxfBpnq09X_F91bdDysIImO5rRi42chRDtLnVqins-uDxRUj-6lxmepBWVElEaZhXjrJMozh1lvQnl6-ZZyv1mfrP2cAEz8K10MAE4AQDiAWxtu7yTJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH5tbOdqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELmNBxj9xLj5AdIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggUYmlkZGVyLW9uZXRhZ18xODQ3MjGACgTICwGiDAwqCgoI5LSxAu61sQLaDBEKCxCglvbP_ryXtLUBEgIBA7ATyMSsFcgTlJvu4wPYEwqIFAXYFAHQFQGAFwGyFwgKBggAEgAYAOgXAQ&sigh=CJ3Jmb7YXkE&uach_m=[UACH]&ase=2&nis=4&pr=38:0.1129&cid=CAQSMgDICaaNV7xRmxTd6Lfzh9qLfk_fjTwQ3flJg7dSlUM7crEeCEjh2fl-rMlA3VgOHvHsGAE
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location
https://adx.g.doubleclick.net/pagead/adview?ai=Co79VcsNCZbbaBda5nsEPh-OA0AO7x529c5yq-IH2EZEvEAEgg_3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9D-Ad-VahThHmjiA_0iKrfOPAJ879vn3Nw49MKvPkyQ3bq8MKQmeiaYb6PwyfW4Y6jMlR4oFasjaJcoPPFA0z-6J2YHaPYyOYLHIM4VAiF0xcjHRehwvAXKjB5jCKt8B2wdIUMeo65_9mlCgkQjzc1QrlDpllKO7kgyh93SzNDohUevKGD0IUKDTe-LuHloPaxvJ5qE48BAQk1XLfe9BjKssKXyT1gRw-NZ8ouvJsc9LF8jFoDqPcHcwvRqyklcMeMfcfBrIXfnqQ2R4zPCxfBpnq09X_F91bdDysIImO5rRi42chRDtLnVqins-uDxRUj-6lxmepBWVElEaZhXjrJMozh1lvQnl6-ZZyv1mfrP2cAEz8K10MAE4AQDiAWxtu7yTJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH5tbOdqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELmNBxj9xLj5AdIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggUYmlkZGVyLW9uZXRhZ18xODQ3MjGACgTICwGiDAwqCgoI5LSxAu61sQLaDBEKCxCglvbP_ryXtLUBEgIBA7ATyMSsFcgTlJvu4wPYEwqIFAXYFAHQFQGAFwGyFwgKBggAEgAYAOgXAQ&sigh=CJ3Jmb7YXkE&uach_m=[UACH]&ase=2&nis=4&pr=38:0.1129&cid=CAQSMgDICaaNV7xRmxTd6Lfzh9qLfk_fjTwQ3flJg7dSlUM7crEeCEjh2fl-rMlA3VgOHvHsGAE
Date
Wed, 01 Nov 2023 21:30:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
onetag-sys.com/match/ Frame 9024
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=onetag&dsp_id=16&imp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=9a5353ba-e71e-4f61-9897-398e51822172&google_hm=OWE1MzUzYmEtZTcxZS00ZjYxLTk4OTctMzk4ZTUxODIyMTcy
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAiOi5kFrbi1eFbIyJLOLEY&google_cver=1&ssp=onetag&bsw_param=9a5353ba-e71e-4f61-9897-398e51822172
  • https://onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9024 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DyIO2jgwDMim-aRsyn29IbiI5ykDyUeBFrQ_WMcLVsB7cKsIbVldKZ1GK1U3javu4rMO7_IAxLX2HrKdJWQL0WnOQZ2vjwYWcPpI5osjQxNoi-dOM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9024 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6058340457851914895&x=38&ct=76
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/analytics/ Frame 3F1C 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/analytics/
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://pastelink.net
strict-transport-security
max-age=15552000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
content-length
0
/
onetag-sys.com/usync/ Frame 173F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
29e62e3f4ac6ff8f0c0f77a4831f50c8b5f5b0fbf4e15fac20706403f18e77af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1409
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
457.json
id5-sync.com/g/v2/ 		276 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
7383584b3df6b07b89f08428bdff19f3fad4c441b050086bc749120c61437c04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Wed, 01 Nov 2023 21:30:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame B93B 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6aad608c392bc7481be6731e6c486c32916ec8070612373d0628247c1545f5f6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 04:17:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24388
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 04:17:00 GMT
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame AC0E
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=65a64357-3c42-402f-b9e1-1zz1698874221
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D3...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=6ba0b4a4-fbcf-5432-8913-f696ec5135ee&ssp=richaudience&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&us_ps=
95 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Wed, 01 Nov 2023 21:30:22 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 01 Nov 2023 21:30:33 GMT
location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&us_ps=
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 21:30:32 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		391 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=2206685436008754&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=23&didk=303733059&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874232197&lmt=1698874232&adxs=1440&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskpwxyPl0juW41j1rkrlLUQcvXvzA5mH222Y6atNDpOrr8h3eAFatle8b9o_FK8xUYBsoAICPC98x-_%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDgyNmI5NmYzY2FlODQyMjI1YmFkNDY5MGRmY2JlMzIyNDZiMGU2NDM5Mzk3YjllM2MyY2IwNDg0OGIwNzQyMWQY1ZWu5rgxSAASGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIYCgl5YWhvby5jb20YqYCu5rgxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGKLyrea4MUgAUgIIZBIXCghydGJob3VzZRii8q3muDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZGxwNlpqWjVOV3BUYUVkS2JVUlRZWFJMVlV3d1VUMDlJbjA9GISWrua4MUgAEhkKCnVpZGFwaS5jb20YovKt5rgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjvkq7muDFIAFICCGo.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D517030417358950%26eid%3D517030417358950%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpastelink_net-edge-2-517030417358950%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D44%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C2693%2C3045%2C4276%2C18%2C1428%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D46%26reqt%3D1698874230926%26adxf%3D1%26ss38%3D1%26ss9%3D1&adks=3817599677&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
17f55b608b39e787cbd579ea79f451a8990ebb001424c188c1d9ba60b6f98584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
RX-18b3309c-1213-4463-ae3b-59c8e198f501-003
sync.targeting.unrulymedia.com/csync/ Frame 8199
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=5568543680
  • https://sync.1rx.io/usersync/turn/8975575225620531358?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-18b3309c-1213-4463-ae3b-59c...
0
0
sd
eu-u.openx.net/w/1.0/ Frame A588
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6652614731716365000
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6652614731716365000
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6652614731716365000
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame A588 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=36e69ccf-9b4e-ce1c-1340-7ee5b8b1f3cc
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P9VNJ1J5PEPAAC2J613R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame A588 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=6e30e0b2-87e4-75e6-d34e-fc72d082382c&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame A588 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDI1ZjMzNzgtNGU5My0yYjQyLWM2YWUtYTZjYjFhNjBmNjRj
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A588
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELxZ2ilGoM17QNAiuiL7PDo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELxZ2ilGoM17QNAiuiL7PDo&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELxZ2ilGoM17QNAiuiL7PDo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6ba0b4a4-fbcf-5432-8913-f696ec5135ee
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 5D7C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=7719749994456075456
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/6ba0b4a4-fbcf-5432-8913-f696ec5135ee
0
602 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/6ba0b4a4-fbcf-5432-8913-f696ec5135ee
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81f73d56cfb00a7b-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 21:30:33 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/6ba0b4a4-fbcf-5432-8913-f696ec5135ee
khaos.json
token.rubiconproject.com/ Frame DF7D 		7 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
khaos.json
token.rubiconproject.com/ Frame 3DD9 		7 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
json
gum.criteo.com/sid/ Frame C343 		427 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9fd9d2223b7b0b163d5872d630cc68ea05daa105e19c3a8de5981f20358b681c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1447024
expires
0
img
sync.mathtag.com/sync/ Frame 1DBC 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:32 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 01 Nov 2023 21:30:31 GMT
pixel
cm.g.doubleclick.net/ Frame 1DBC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLjnFDG3v46ergPCXF70sONJMsuW9grg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLjnFDG3v46ergPCXF70sONJMsuW9grg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLjnFDG3v46ergPCXF70sONJMsuW9grg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 1DBC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VWREDCX6TRQ60EGFFZ2J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
generic
match.adsrvr.org/track/cmf/ Frame 1DBC 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 1DBC 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.92.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-92-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1DBC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 1DBC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2393881630050333936
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2393881630050333936
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
an-x-request-uuid
59550b8a-2a2d-46ed-88fc-f577a529abd6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2393881630050333936
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 1DBC
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698874232398045-520
Expires
Wed, 01 Nov 2023 21:30:32 GMT
tap.php
pixel.rubiconproject.com/ Frame 1DBC 		42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 1DBC 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 1DBC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame 1DBC 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:31 GMT
content-length
0
/
onetag-sys.com/match/ Frame 1DBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 1DBC 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 1DBC 		0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/kGMBuMzSWhyP5gCYC9ZEXzlwBVAa5Cva2OCnSg0F5jQ&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
81f73d5128860a7b-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
98b55351aa3a0461d6e279612aaee3346077920089d56b56a94757fdd4482976
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 03B1
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/98b55351aa3a0461d6e279612aaee3346077920089d56b56a94757fdd4482976
0
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/98b55351aa3a0461d6e279612aaee3346077920089d56b56a94757fdd4482976
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81f73d55be630a7b-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 21:30:33 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Wed, 01 Nov 2023 21:30:33 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/98b55351aa3a0461d6e279612aaee3346077920089d56b56a94757fdd4482976
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=4190647440363764&vrg=202310310101&nw_id=1254144%5C%2C22405481091&nslots=9&eid=31079165%2C31079302%2C31078530%2C31079371&pub_url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&fc=0&tcfv1=0&tcfv2=0&usp=0&ptt=17
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3F1C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4211a7606f8c484f8b30ecd2ce63912647fd7171afdc560d29b86be14ce2299a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
6652614731716365000
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 7960
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6652614731716365000
0
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6652614731716365000
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81f73d556df90a7b-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 21:30:33 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 01 Nov 2023 21:30:33 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6652614731716365000
server
nginx
async_usersync
ib.adnxs.com/ Frame 61DF 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
an-x-request-uuid
f2fb5dbd-c3c6-4a9a-934e-6a7a15ed01aa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.smartstream.tv/cm/ Frame 82CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEIeEeGsOqWH5bm_u2vwASkU&google_cver=1
0
0
pixel
cm.g.doubleclick.net/ Frame 82CE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGP3EuPkBMAE&v=APEucNXnV3v_uUcF-QanxUNJOhh-KPb5EEamvzhdVb1uC_2N1mAG6FRX8xM0lYW8vdkh3RZimyESi3PoDWc5vLLBrSH0TjUN961VJbVVtXaxjR3jX_SPAQ4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
redirect
ssp-sync.criteo.com/user-sync/ Frame 7B3F 		0
0
getuid
cookiesync.api.bliink.io/ Frame 266B 		24 B
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.65.172 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.65.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-length
48
content-type
application/json
date
Wed, 01 Nov 2023 21:30:33 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
47de23d1df628a2c2fd3b055dda898ca
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame DA8E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/47de23d1df628a2c2fd3b055dda898ca?gdpr_consent=&gdpr=0
0
678 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/47de23d1df628a2c2fd3b055dda898ca?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81f73d52eaa90a7b-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 21:30:33 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 01 Nov 2023 21:30:32 GMT
Expires
Wed, 01 Nov 2023 21:30:32 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/47de23d1df628a2c2fd3b055dda898ca?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1698874232677039-522
ads
securepubads.g.doubleclick.net/gampad/ 		390 B
226 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=1342778464162524&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=24&didk=3113487578&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874232682&lmt=1698874232&adxs=310&adys=556&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=705x500&msz=705x500&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskpwxyPl0juW41j1rkrlLUQcvXvzA5mH222Y6atNDpOrr8h3eAFatle8b9o_FK8xUYBsoAICPC98x-_%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDgyNmI5NmYzY2FlODQyMjI1YmFkNDY5MGRmY2JlMzIyNDZiMGU2NDM5Mzk3YjllM2MyY2IwNDg0OGIwNzQyMWQY1ZWu5rgxSAASGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIYCgl5YWhvby5jb20YqYCu5rgxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGKLyrea4MUgAUgIIZBIXCghydGJob3VzZRjBnq7muDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pZGxwNlpqWjVOV3BUYUVkS2JVUlRZWFJMVlV3d1VUMDlJbjA9GISWrua4MUgAEhkKCnVpZGFwaS5jb20YovKt5rgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjvkq7muDFIAFICCGo.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D780618487345719%26eid%3D780618487345719%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dt%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpastelink_net-box-3-780618487345719%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26icsticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C5747%2C6044%2C6293%2C6294%2C6295%26nocompoverride%3D1%26bkfl%3D1&adks=1692205609&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0e8dd856a2666594078acc102ef6f3066a059827c353c51cb7625331a41b1678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=2768591840661089&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=25&didk=3113576587&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874232699&lmt=1698874232&adxs=1081&adys=473&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=300x250&msz=300x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskpwxyPl0juW41j1rkrlLUQcvXvzA5mH222Y6atNDpOrr8h3eAFatle8b9o_FK8xUYBsoAICPC98x-_%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDgyNmI5NmYzY2FlODQyMjI1YmFkNDY5MGRmY2JlMzIyNDZiMGU2NDM5Mzk3YjllM2MyY2IwNDg0OGIwNzQyMWQY1ZWu5rgxSAASGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIYCgl5YWhvby5jb20YqYCu5rgxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGKLyrea4MUgAUgIIZBIXCghydGJob3VzZRjBnq7muDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pZGxwNlpqWjVOV3BUYUVkS2JVUlRZWFJMVlV3d1VUMDlJbjA9GISWrua4MUgAEhkKCnVpZGFwaS5jb20YovKt5rgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjvkq7muDFIAFICCGo.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D5454654195382733%26eid%3D5454654195382733%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1106%26sap%3D1106%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dpastelink_net-box-1-5454654195382733%26eb_br%3D2e8b8c60843e52e5aaa1e3a52287a2bb%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D8%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C88%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26hb_bidder%3Dyieldmo%26hb_adid%3D76a35295e2a6dc7%26hb_format%3Dbanner%26hb_ssid%3D11315%26hb_opt%3D0.08%26hb_rt%3Dclient%26lb%3D50%26reqt%3D1698874231225%26adxf%3D1%26nam%3D1%26ss38%3D1%26ss9%3D1&adks=2280168990&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
99f54e6bf6e29a540c9186a2be62d944f3df2619a4ade0da0aadd4ad0f4fcaf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11954
x-xss-protection
0
google-lineitem-id
5728075597
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354426952
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.gif
as.ck-ie.com/ Frame 3BCB 		0
0
khaos.json
token.rubiconproject.com/ Frame B93B 		7 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
img
sync.mathtag.com/sync/ Frame 173F 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x1 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:33 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x1 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 01 Nov 2023 21:30:32 GMT
pixel
cm.g.doubleclick.net/ Frame 173F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLkO9NQVWUTrwyrrIOz1-bKl00huQI-g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLkO9NQVWUTrwyrrIOz1-bKl00huQI-g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4zLkO9NQVWUTrwyrrIOz1-bKl00huQI-g
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 173F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XTMK4ZJABKZFX00D153A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 173F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 173F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 173F
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LOG9UQG6-5-KAQ8&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LOG9UQG6-5-KAQ8&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LOG9UQG6-5-KAQ8&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
/
onetag-sys.com/match/ Frame 173F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
an-x-request-uuid
47e91224-7921-4136-98fa-1a8e85f8036d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 173F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 21:30:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=47de23d1df628a2c2fd3b055dda898ca&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698874232986022-505
Expires
Wed, 01 Nov 2023 21:30:33 GMT
tap.php
pixel.rubiconproject.com/ Frame 173F 		42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=dKCPGFN8wbZ5AAkhfU8eqlfXaZkxd4tV_v3DL8lFdEQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 173F
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
date
Wed, 01 Nov 2023 21:30:32 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 173F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame 173F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGIxpgxsnM_tw_mTjRTB17o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 173F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
date
Wed, 01 Nov 2023 21:30:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 173F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=E2ImqUZkJaMIYyX_HGQ_q0c2Ja4IMSL4EmeQexhC
  • https://onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=0&gdpr_consent=&us_privacy=
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ping
onetag-sys.com/v2/ Frame 3F1C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=hZtrnkzv_CQvcR6h967m6zaFwC3ApiZ3wTbLKsBajimtQTcFZIIgtVLv0pKoGfi59nhiVB3kT5G36MAgSKebaNnfXEGapyCwBv8HkZm7NBy8jDvi2iMCtDv0nZO23LwZSGlzDfq3W94nEnJOgbrIah2HO9O3q_SG8W9DDMN-hnchcjoOc1GwNcNY8beq6EoXiZClPM0xnYHc6ArDLnp9o_hywxzOXX_RwHdt9oHV072sXBYWRVRYSYQWX-uRxCQcHngD9ynr7IQbYQKiApRdm3FeugzSdEJKgWCQGnq67FTp1VGbZVj4-sROmnw3yO2VYK18UyFtK0940Cj2gIRXWvm3R2ZYSjt0hnxPNOLXCe8Iv-1Tm5aTvxPruAGFRAsWcnIrd2KZKJ0_vqHuVdWQpz76edlpyrmvxrMpRDRODD81EPmOAR-aX8oae_otDOoD4149IlqEYxbl57I3PTHyrox-VE_H3p-hsTKh1UcoilxMLjfHaEMRcPzXhnR7bCAWU7SPjkfL5CK4-L7qiMtvFo6fCGVYGMb3SNayhW5IKcqB8UANi5LXLmMko0apDLMlFE9v9VcZR_tn87aHTy8tmUHvmTrKeJfwjtnEhiSMFb25hNfp4rU9n41n3RbJiEkcWHY1j-Osdxp3bBswx1SfImu-0GAOMoFje-4zg84IvnYuf2m1NwuXyeXfMYyXlU_pMOXhgOlj5nYbm3Mq7OFl1g&event=1&price=&click=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
ping
onetag-sys.com/v2/ Frame 3F1C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=hZtrnkzv_CQvcR6h967m6zaFwC3ApiZ3wTbLKsBajimtQTcFZIIgtVLv0pKoGfi59nhiVB3kT5G36MAgSKebaNnfXEGapyCwBv8HkZm7NBy8jDvi2iMCtDv0nZO23LwZSGlzDfq3W94nEnJOgbrIah2HO9O3q_SG8W9DDMN-hnchcjoOc1GwNcNY8beq6EoXiZClPM0xnYHc6ArDLnp9o_hywxzOXX_RwHdt9oHV072sXBYWRVRYSYQWX-uRxCQcHngD9ynr7IQbYQKiApRdm3FeugzSdEJKgWCQGnq67FTp1VGbZVj4-sROmnw3yO2VYK18UyFtK0940Cj2gIRXWvm3R2ZYSjt0hnxPNOLXCe8Iv-1Tm5aTvxPruAGFRAsWcnIrd2KZKJ0_vqHuVdWQpz76edlpyrmvxrMpRDRODD81EPmOAR-aX8oae_otDOoD4149IlqEYxbl57I3PTHyrox-VE_H3p-hsTKh1UcoilxMLjfHaEMRcPzXhnR7bCAWU7SPjkfL5CK4-L7qiMtvFo6fCGVYGMb3SNayhW5IKcqB8UANi5LXLmMko0apDLMlFE9v9VcZR_tn87aHTy8tmUHvmTrKeJfwjtnEhiSMFb25hNfp4rU9n41n3RbJiEkcWHY1j-Osdxp3bBswx1SfImu-0GAOMoFje-4zg84IvnYuf2m1NwuXyeXfMYyXlU_pMOXhgOlj5nYbm3Mq7OFl1g&event=287&price=&click=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9024 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9074846921229&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9024 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9074846921229&version=m202309260101&ct=76&x=38&cor=6058340457851915000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9024 		90 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXW_oWM8GnWTeFH2KYjz-uwDCWxSNhZ3AcmT22q64F2YhnZgvYZC1QW4vuI0qgqS_G9IWv1N6is6wdp14h0ijvsVu_luyoynhJc7rgFmmuE-23ZHDt3vIxoKXIHeg8-Qu60seTmTva2JSehj68o0uZLeH8sewUFzRaarHNjf0xIy734AQ&dbm_d=AKAmf-BnwMbyoEZw2enQqwQ29odNGoHBrD-1JJsq0YCPHQP6R4dbJfh96uwfaVorZEFYdwdo2yth-MH6iry0CgS1MSwJPSxyEEW4S9qfMkCxzskYt0MZgGEFQOKQ2VcdxPY7A4YFj7UoEIRZa1rAUVk9s_BbHgVhf9SRJEsyown1lg8l9L-HW3Q-GGHeuCQCnSMo3Pl6NSKWjOdOXr4nUJqWlVvngZKXO_U9navKH6MgX40axHGHrbRhU4C5ReK-mj95W-KQWzH2uc3ukYKNTINPvR4Zaj4y4vTWczxrMzWtuDCnOh-mVmo94ZueZlKXinaKn8PsE_oBbmWvJVq5XtoCyzPQEYeYekxXcQ0V4YLoqMOsPe9eFn2qzu2l73jf8oqv6eumW3VKvZ1IgbW0wyq-BxC9iLJofUoSFS0Bn9H3fIDfTGVISIHnsDmY98qxpdy3pYzFR_N3AmeFYn5oeGcDK2tDrAafvhuoVmOCxRmnvsAQjj43GnpjLn9U5JzxK3VA6Bw2i9_szOAud5mpEoIZueLhW9eJX_w5nGvXsY5Sn2e4rnFAjZQaX1SEIbX1YX1WFLxhApF6oKDlDishe9C93jjfn_ZGf8r2MX3d1KpgRF7X75ew32fKmA9v4DKVxCdlL6pX_7ONsaU4TY_KfnhYnIcoFvXMcipGdh4KTe_QWK5bNOcH710c4FcdMDhHzhcj1kUYhVF2wfsfHVccvSsiq461OaQcNB8oZQaRk2Kl7ICRMboyOMN5pbGYSNqXAQ9rK5-RxKMQYDoU0dQZS2acOPQWmN691ff2tOYo0b1amTK6gvKyY0cmQO6PNA8iocl3UKCa4hBLmS13E55b7ff6avvXZQ1ZJMLD4TaVkWLe3U6KeeI8y4jDV_rIarzH5tF-9CisV733KY3hFDgjozE9dNPo24PO9n6lRVvLQnFwHcY5E0FOEvBf2rSI3m--gJI5ip27NN-sQaTmCJ_jCGCu3Vo7UZIF5UyLVsTR5k8gSbX54x2bsn7LCXGfs3UOJabeX_gct8Q-hk-bnh0_UetQgK96eVamTOElT_iAY_uKLx_lHY51p0q6w1gOGurCXIDkZzSgDYcvEwmrWzlAM3JO69XKWwexapfyWlrj9Yb7pc2hhcPIyNKG41uvE8bST5aRpLCaoY9CNPBW5VWe7ZO4UZRZB0yB513_QE8fQHIxGbVkrxVbwPca_yyxMVE3ExEZ4hRsG0RjFO6KmolRVrkpKQZHhf-J9xmdmsHOcuBWML3c0bFsUALkit86OCoXaxaK7uZqSzRQo7RcYLL4eQIQBnM9FFEpi8l35Ud9ssBcP5pmJ0B4UG8OE3ubBEIR3BfDxrA9cYP4BrCvEzgc-qNV0XwICx7wbqmZlLdIlToEoyTENRAaPqyuLtT0aD8Ln6Cw_jF5k9l4dJnBriFWKJLt1wWdkiI0sV9p5Dp5BPatoMhAGKTuFRn4DHVHPhDkf5lhBAvgNyL_aRLbY9pRC9kvdQWmc0GTvwX-wyTwOPJlXjrjdDUt3ywPmXi9V1XUlfcVvlDtUvfnODhLZGAaKAJ2bLRNwdcdDeCiv5hwppeZSnM6d-buIw9EVB8HXzavpEbfmtxVkeLygJY4SHwYlP8k5OupGirFtcOFFBFVorTjB2Vxna9ooWqYtVoOyEGFbhAspGLGiZfLL7Qwtt-XFVgafAKrCDlHp0LEnDTEQEkmDShOjfW3-ddp9_tfGrH_7IEXtRBAQz6_RtCvTI9yop_3nVZzAe3taxoqgs4mIPYPSfl-NN_pHzxBbDMz90pdxP7JX5lSpYju-JEACZ8CO9ymyHhW2Y0oG7tgfRmdY8KL0WPsXktY8Zsm6yHdIwfxkoliuyIdeK-K1PPMRfMlMnyOz3pgXWFQ6tXTJFypA6TeQNQfAFroiFO2L0w3ieym2qlAmwX4JYYb52ZJ2UPRlLGWIvDc9rBARbC7RtBUzUQcQs2ohBf6BBVPRijUDtfPKKHEv0EY2PD_k_S2P7ItNzp7sVYWsq-4FCars9FbfBYmV4VPfBrdmrTY69ZYvCicwumS9yp7jhczd86TGhKW116V0OjKU3xzdSTTlC_vxhfGnOsaojpfN6gmP4U3-KdTxU2pG6xncM3MIMCaxg-bJnLpMtzzeTkhb9wYbaT3CnwQpqBDKvvscuW98vL5vog4m3LCuDhET8-TQUBkDU27vvkmBrvvcOs6XP-gX160kL2iNjiW4Zea211v45a3iLe28hqBvvthXNSb7GXaok6UcLlNSxHmnctv0YtXsMa3dfAgcKnogE5m1EK7V5WpupRU2TpbeopkVDVIxOoePDT05kocg3qPzfyyQaqaBeUqRkqWK043Z7dCKHTgJfVop8zhBhaOY3eekfhxOyWHXE1UxhfTahfYAZW7vIaxl56KSn2Gluoys81Kk9TYz_lJ59FKEKfz2FrU-O14f4gAxaL-qoiPhoi_6pic_r2e-eNcANPm38xHYycD2UoyZVs4glBGw3j-Bt6Y5n8q1qpXNatzAM86Vn4YNUQyT28eVrtypaJCi5e8g1A8VHnXNs6cdLFu7ITTS99a-21WF7w4ds9G1khB1WLLuuPSLLRn765LfoD-jZcttZ2Y2faBX92fX0YgVEbk9r18Ir6s1Z4i-gXvzbLPoPePXXGSfLFb4ej_pWYJHBzDPlk-munJLOquTRHTiI_SNqw4nGRHcApxCwKx3CSzOrSp41bw3WiY54iwijXPxOjd0nZy4-qTpmLCFZS_a_hHQhjWp3vOmD-x1P8zkBYYNYftUsq6VulOobdgtqiiqkaVrpuhqWLRrwuLdjD78vnurhrDH4OjGd11yGTHBaXytnacwtDhgVX9RG7kH4gft79ZEjIWpeWL0IAdQTDLeq4TLjuKzSe7LCFbfyDsZlnOg-tH4MxREhm-aBusrJyZ1NZ0LgBmmG89MsI8SbnIjUSzVbQdqQ1eMTMbybGLu2PITlFwqtaVUN4eYMhgS1dew2MQt_I4xbHjhyqPT6GeLgpcVgqeiU9G-UBe1vce69pbvJLyaKpN9RkDZ2AlU8PIxmOctmSMlmyrkJAR_aEQcn4FeYgpDbe55smlX5wxNShuVcIzt0oshBpcl52P4K4i9nJ4qwXJ2snogJn2CEHhJRVQejHIbHq5k2L_3hp102qTkcCPPxZ3Iw1jrHGs6P1BFT_RCv2eeYXHIAssjo7XQTtgIxRRWkN8nI6_9l-AKfYxGSiQBlfcV2qgPqnK2BCgIRxxAuqeZM8SyNd41qJS_cdRLN9xh7Z1WdiJdU3uThWlfOrZS0sng1pAXwF371wud-CJM-kF9SWJ4WIRX9O2-paf4GxKob977wpgz1Z14Mzz0gWm3aAGN8NAaRQWDD5PecumUsavKB3Cwv06GEesbeJopCWxD9kFFeL41ppJMooAezPzRllYxtQyMetMge-Bj0NASlKvUGnaP0YHu-0wBsrPaDS_7ZSTe0QsFe_UxMHyl9l0aXtZoaV39bQQc-k4vCVbfctjtUrgFzKFnEnQEgfniYWCXLOXX0dm7UBiJWNIjq62ar52i70SO897uSN0I0JAUrvjwSSKxyySLFZrJ5qxp9R41eXaxw_Nw6bFLUbDoyf9xGpdPXXiT6kVfoHp3XSNLeii6SSGAD07hc2KmiP4zgyA6QdeFkMQoOo5jokn8VY1xpcEKlrmk2oId8y2ocKlWK1yfp_dARoz-rw-f569N7QsOzvlIIb1FmoHvvj-sBL_6m-ndfNt90H-dTLpv_Ep8soUqsM&cid=CAQSMgDICaaNV7xRmxTd6Lfzh9qLfk_fjTwQ3flJg7dSlUM7crEeCEjh2fl-rMlA3VgOHvHsGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ds=l&xdt=0&iif=1&cor=6058340457851915000&adk=3471343377&idt=231&cac=0&dtd=399
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1f6ee50b8a05156cb9a14189cf2062108df86b13b92c1abf1e466dda6a16c42b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38400
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 3DD9
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LOG9UQG6-5-KAQ8
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOG9UQG6-5-KAQ8&name=RUBICON&gdpr=0
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOG9UQG6-5-KAQ8&name=RUBICON&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOG9UQG6-5-KAQ8&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTE3MDMwNDE3MzU4OTUwIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1lZGdlLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:33 GMT
sync
vid.vidoomy.com/ Frame A480 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		398 B
229 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=536641555947957&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=26&didk=4157619326&sfv=1-0-40&rcs=3&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874233440&lmt=1698874233&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnk7un_BIWKc6VjP8oA-vcGPK5z9CAZMQpoMP3vUx0CZ7oWipRIruDJa3Ze5Up463nyEH_N2VlbvLb4%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskpwxyPl0juW41j1rkrlLUQcvXvzA5mH222Y6atNDpOrr8h3eAFatle8b9o_FK8xUYBsoAICPC98x-_%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDgyNmI5NmYzY2FlODQyMjI1YmFkNDY5MGRmY2JlMzIyNDZiMGU2NDM5Mzk3YjllM2MyY2IwNDg0OGIwNzQyMWQY1ZWu5rgxSAASGwoMMzNhY3Jvc3MuY29tGKLyrea4MUgAUgIIZBIZCgpwdWJjaWQub3JnGKLyrea4MUgAUgIIZBIYCgl5YWhvby5jb20YqYCu5rgxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGKLyrea4MUgAUgIIZBIXCghydGJob3VzZRjBnq7muDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pZGxwNlpqWjVOV3BUYUVkS2JVUlRZWFJMVlV3d1VUMDlJbjA9GISWrua4MUgAEhkKCnVpZGFwaS5jb20YovKt5rgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjvkq7muDFIAFICCGo.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D789403421351814%26eid%3D789403421351814%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D4%26at%3Dbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpastelink_net-medrectangle-2-789403421351814%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C142%2C20%2C157%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4605%2C5747%2C6293%2C6294%2C6295%2C19%2C2610%2C2688%2C3045%2C18%2C19%2C1428%2C2610%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%2C18%2C19%2C1428%2C2610%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D6%26reqt%3D1698874233263%26adxf%3D1%26ss38%3D1%26ss9%3D1&adks=3667244470&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9c1bfcfd90e51667dd83611f66654ea832bf5833b32abecc5501ec19c39b5993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4BBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZrX5NPT6Hk2hC2KjThY2Q37lxXQlY5yzDKtHPCfi2uU6dDc-CSUGE56_LvqirYt9PLCgqTTKG3nGARm6DNT8o2CODGDVaC8CrfQW_-Tr9lk0ZP_aQf0Jk2BcKyqPc19QNMCfSD14bXtHRduPiRhU7tx6Uy_1ts327rjW2EbB-zhnh76MIt1ETHygeYd8xTFKAmitjmAvU_eJ1bJYo4JalhHeB1RvpguH55q15FywlH00mb5aOjDYINc0sEz7iCYn_m3hWR9r-zqmIt-pS2JeGJSrA0PZbqtqy7wahbmegBtZJpDWxrNWctS5jXzjuuK7y7BYScX2_R5vHERcRJj77D-rWI9hNqCPuEBhiMq9ESaOv9dXMb85jQg&sai=AMfl-YQ-IDC5aKRbbo4vFQkeo9PHzSmha_XTWcG438brTphCjmmVDCec3Gf9dsITvmg6dc0McvETD-A6YN0r3o4IGjqJlEZTb7iQ0AcUOgYYw6ahjBY4Wo2qC0i5o_B_hBo&sig=Cg0ArKJSzC2eq6NHLc63EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
BannerAdBannerPlacement.js
onetag-sys.com/static/ Frame 4BBD 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
d8a73607bb37cfd6ada8a3bcdd55aa671988b829b76e9d15833885b8a94f7bf9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security
max-age=15552000
cache-control
public, max-age=2628000, immutable
content-encoding
gzip
content-length
8618
vary
accept-encoding
content-type
application/javascript
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY5NDMzMDY4MzQxMTgyOSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAuMDAwMDc4MTUwNzI3MiwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA4LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAwNzgxNTA3MjcyLCJiaWRfZmxvb3JfcHJldiI6Niwic3RhdF9zb3VyY2VfaWQiOjExMjkxLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InN0YXRfc291cmNlX2lkIiwidmFsIjoiMTEyOTEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2OTQzMzA2ODM0MTE4MjkiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXN0ZWxpbmtfbmV0LWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjk4ODc0MjI0LCJyZXZlbnVlIjowLjAwMDA3ODE1MDcyNzIsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwOCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDc4MTUwNzI3MiwiYmlkX2Zsb29yX3ByZXYiOjYsInN0YXRfc291cmNlX2lkIjoxMTI5MSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1Njk0MzMwNjgzNDExODI5IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiYWRfcG9zaXRpb24iOjExMDgsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjMzZGQ1MjNmOGU0ZGRhMTU4ZjBhYTk5Njg2ZGRhN2YyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1Njk0MzMwNjgzNDExODI5IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiYWRfcG9zaXRpb24iOjExMDgsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6Im1lZGlhX3R5cGUiLCJ2YWwiOiJiYW5uZXIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2OTQzMzA2ODM0MTE4MjkiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXN0ZWxpbmtfbmV0LWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjk4ODc0MjI0LCJhZF9wb3NpdGlvbiI6MTEwOCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicHJlYmlkX3NvdXJjZSIsInZhbCI6ImNsaWVudCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:34 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY5NDMzMDY4MzQxMTgyOSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BBD 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:33 GMT
ping
onetag-sys.com/v2/ Frame 4BBD 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=hZtrnkzv_CQvcR6h967m6zaFwC3ApiZ3wTbLKsBajimtQTcFZIIgtVLv0pKoGfi59nhiVB3kT5G36MAgSKebaNnfXEGapyCwBv8HkZm7NBy8jDvi2iMCtDv0nZO23LwZSGlzDfq3W94nEnJOgbrIah2HO9O3q_SG8W9DDMN-hneKwdzzBts134s3MBK8j6MfcN5B1qHKja-vx8H355iaDSBj7B3jupGeRp2Gqu0PoeZgdHN_GF5Uou6Yv5UKexSwq1v5b-gcrg1eehBCNnRVkvqBmpq8R1_ExL5AoxBrJYsxi7t2kfDAUaENP_4CzdCxbbDKQRhFAfLgqKNmrFLYe5-CBrTYBO6mLcjmAEN4juORFy2I44xienuWN_D59atlcnIrd2KZKJ0_vqHuVdWQpz76edlpyrmvxrMpRDRODD9aD5LupCxe8-6MSZchcWIkqSStOMlJrce4F4Cl4OTLTQyUEJIHl3efHBc8zHf1mFJHNVTb-Von9l_f7ccORBSC-GPS4VdFd3gpns7-AG5nrzL3GDK4IjQWBF9_fo0uDwccSDRvsTkQyyDVj7-VmzwdUniX2Y1OuRAWg3ECBSbKJqoGdnkawT5PFwF5HzNLHatJEwuwmNOo42Cx4qQdQNV1PGPlJqBDicy4b6RVpgJdj-o0hKWcTIblHCIPaLICU8TKkConJuNJDNdfa0vygOXtVd7UasMcRdmmfnS20rMpBw&event=115&price=&click=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY5NDMzMDY4MzQxMTgyOSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzU0NDI2OTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1Njk0MzMwNjgzNDExODI5IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiYWRfcG9zaXRpb24iOjExMDgsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1NzI4MDc1NTk3LCJjcmVhdGl2ZV9pZCI6MTM4MzU0NDI2OTg4LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI1NzI4MDc1NTk3In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:33 GMT
5728075597
go.ezodn.com/dac/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/dac/5728075597
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-0&bv=279&v=100&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1072
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Wed, 01 Nov 2023 21:11:29 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://pastelink.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT42sHPqi9WjBMdOIiWkMnwuUo9bxoh%2BM6f52Z%2BELkN4mqrsM4fNctP57FHsDHHHWF28rxqKTic4gHSv4UEsnKS0dN2%2FmNsyhbwBHJYAbE452SKoQDC9EHfTq21i6PA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
81f73d574ed36698-AMS
access-control-allow-headers
Content-Type
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY5NDMzMDY4MzQxMTgyOSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTEtMDEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:34 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTY5NDMzMDY4MzQxMTgyOSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImF1Y3Rpb25fZXBvY2giOjE2OTg4NzQyMzMsImFkX3Bvc2l0aW9uIjoxMTA4LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiYmlkX2Zsb29yX2luaXRpYWwiOjkwLCJiaWRfZmxvb3JfcHJldiI6NDYsImJpZF9mbG9vcl9maWxsZWQiOjAsImF1Y3Rpb25fY291bnQiOjMsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjE0MTcsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5N31d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:34 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 01 Nov 2023 21:30:33 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ0X2Vwb2NoIjoxNjk4ODc0MjI0LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiJOYU4ifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjIifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjE2MDB4MTIwMCJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjYzOTg0MDAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiMzk5OSJ9XX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:33 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzE5OTExMDg4MTM0MzMxOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYmFubmVyLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk2NCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMzNiw2MDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMTk5MTEwODgxMzQzMzE4IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1NzI4MDc1NTk3LCJjcmVhdGl2ZV9pZCI6MTM4MzU0NDI2OTY0LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:34 GMT
tap.php
pixel.rubiconproject.com/ Frame 3DD9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LmeGniOz2LvtmPbrJAKJ2g?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oOiLix9E2oJgXlr9aVc9kWh5k7GexKMLPqUugQ--~A
0
0
setuid
px.ads.linkedin.com/ Frame 3DD9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG9UQG6-5-KAQ8&gdpr=0
0
0
token
token.rubiconproject.com/ Frame 3DD9 		0
0
tap.php
pixel.rubiconproject.com/ Frame 3DD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHizmZIKnaudfN3ck_4NMf4&google_cver=1
0
0
token
pixel.rubiconproject.com/ Frame 3DD9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FwojFcBoTMaeFa1ufyiGJw&rk=usync-na&gdpr=0
0
0
rubicon
match.adsrvr.org/track/cmf/ Frame 3DD9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
token
pixel.rubiconproject.com/ Frame 3DD9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_lwhYpr-QQ6hqen1ilU_8g&rk=usync-other&gdpr=0
0
0
token
token.rubiconproject.com/ Frame 3DD9 		0
0
tap.php
pixel.rubiconproject.com/ Frame 3DD9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAE4hE7KhYcAABj7htQOuA&expires=30&gdpr=0
0
0
magnite
prebid.a-mo.net/setuid/ Frame 3DD9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LOG9UQG6-5-KAQ8&gdpr=0
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOG9UQG6-5-KAQ8&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOG9UQG6-5-KAQ8&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
pixel
capi.connatix.com/us/ Frame 3DD9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LOG9UQG6-5-KAQ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LOG9UQG6-5-KAQ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LOG9UQG6-5-KAQ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
81f73d593bed0221-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 01 Nov 2023 21:30:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LOG9UQG6-5-KAQ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
81f73d585a6e0221-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
sync.php
pixel.rubiconproject.com/exchange/ Frame 3DD9 		0
0
v1
match.sharethrough.com/sync/ Frame 3DD9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG9UQG6-5-KAQ8&gdpr=0
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG9UQG6-5-KAQ8&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
18.194.76.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-76-100.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG9UQG6-5-KAQ8&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 3DD9 		0
0
liveCS.php
live.primis.tech/live/ Frame 3DD9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOG9UQG6-5-KAQ8&gdpr=0
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 3DD9 		0
0
cSyncRemoteEntry.js
cds.connatix.com/p/368057/ Frame 722B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/368057/cSyncRemoteEntry.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
x-amz-version-id
6hPKV_qQP4F2yVhv4EC0Ry5k0Gd4Sm9A
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 14:04:36 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81f73d581f2801f4-ZRH
access-control-allow-headers
range
expires
Thu, 31 Oct 2024 21:30:33 GMT
hls.1.3.4.js
cds.connatix.com/a/ 		263 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/a/hls.1.3.4.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
x-amz-version-id
08mQY6.qD2K9uG9Q090ZpTuzVoe6eKbG
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 30 May 2023 13:03:31 GMT
server
cloudflare
etag
W/"2065fde20cf0becb2eb29a9fa8b9936f"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81f73d581f2a01f4-ZRH
access-control-allow-headers
range
expires
Thu, 31 Oct 2024 21:30:33 GMT
player.css
cds.connatix.com/p/368057/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/368057/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79ede867e31cc892b29bed89f510c166dae4f43c3fc24785e9184fd0bfac16d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
x-amz-version-id
7C1MqiW6J13textUPHY9dx_CDPkXOgEb
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 14:04:34 GMT
server
cloudflare
etag
W/"0bf136c60ee29e7f6c3edc5ac9596f9c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81f73d581f2c01f4-ZRH
access-control-allow-headers
range
expires
Thu, 31 Oct 2024 21:30:33 GMT
cksync
hb.yahoo.net/ Frame DF7D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOG9UQG6-5-KAQ8&redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOG9UQG6-5-KAQ8&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rVG0ua01aRTJ1R0tMcVV1a2txTlJianJfRUdoWUI3ZH5B&gdpr=0&ovsid=LOG9UQG6-5-KAQ8&dpid=58160
0
0
receive
pixel.tapad.com/idsync/ex/ Frame DF7D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOG9UQG6-5-KAQ8&gdpr=0
0
0
tap.php
pixel.rubiconproject.com/ Frame DF7D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6652614731716365000
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6652614731716365000
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6652614731716365000
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame DF7D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=0188f3d2-0376-4262-8ec0-e78ae159e102&gdpr=0
0
0
cookiesync
bttrack.com/pixel/ Frame DF7D 		35 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.69.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Wed, 01 Nov 2023 21:29:45 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
sync.php
pixel.rubiconproject.com/exchange/ Frame DF7D 		0
0
tap.php
pixel.rubiconproject.com/ Frame DF7D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=7RI-L_ogWLpAqFr3YSLbyVXaRqA
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=7RI-L_ogWLpAqFr3YSLbyVXaRqA
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=7RI-L_ogWLpAqFr3YSLbyVXaRqA
Date
Wed, 01 Nov 2023 21:30:33 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame DF7D
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=2393881630050333936&expires=30&gdpr=0
0
0
tap.php
pixel.rubiconproject.com/ Frame DF7D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9191748007734315166&expires=60&gdpr=0&gdpr_consent=
0
0
generic
match.adsrvr.org/track/cmf/ Frame DF7D
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4784626975
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4784626975
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
etag
RX18b3309c12134463ae3b59c8e198f501003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4784626975
cache-control
no-store, no-cache, must-revalidate
expires
0
709414.gif
id.rlcdn.com/ Frame DF7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync.php
pixel.rubiconproject.com/exchange/ Frame DF7D 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame DF7D 		0
0
tap.php
pixel.rubiconproject.com/ Frame DF7D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=24381f8a-062e-473d-bf9e-cc834db2ecca-6542c378-4348&expires=360&gdpr=0&gdpr_consent=
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame DF7D 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame DF7D 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame B93B 		0
0
/
ssc-cms.33across.com/ps/ Frame B93B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LOG9UQG6-5-KAQ8&gdpr=0
0
0
cookie-sync
sync.outbrain.com/ Frame B93B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LOG9UQG6-5-KAQ8&obUid=&initiator=&gdpr=0
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame B93B 		0
0
token
token.rubiconproject.com/ Frame B93B 		0
0
143
match.deepintent.com/usersync/ Frame B93B 		0
0
tap.php
pixel.rubiconproject.com/ Frame B93B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZULDeAAAArVjVAAU&gdpr=0
0
0
bridge
cm.adgrx.com/ Frame B93B 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-7
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame B93B
Redirect Chain
  • https://um.simpli.fi/rb_match?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4045D098764F458682B994D33705A4DB&expires=365
0
0
rubicon
tr.blismedia.com/v1/api/sync/ Frame B93B 		0
0
tap.php
pixel.rubiconproject.com/ Frame B93B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=l5PbjTjA1w_E4vBUw6Qgzg&gdpr=0
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=5c54c90b5e541931&is_secure=true&networkId=12783&version=1&nuid=l5PbjTjA1w_E4vBUw6Qgzg&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIdy5mFlOEDQN55PecAAAAAAA&expiration=1698960633&nuid=l5PbjTjA1w_E4vBUw6Qgzg&is_secure=true&gdpr=0
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIdy5mFlOEDQN55PecAAAAAAA&expiration=1698960633&nuid=l5PbjTjA1w_E4vBUw6Qgzg&is_secure=true&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIdy5mFlOEDQN55PecAAAAAAA&expiration=1698960633&nuid=l5PbjTjA1w_E4vBUw6Qgzg&is_secure=true&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
tap.php
pixel.rubiconproject.com/ Frame B93B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7296609266459408536&expires=730&gdpr=0
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame B93B 		0
0
cookiesyncendpoint
sync.aniview.com/ Frame B93B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&gdpr=0
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LOG9UQG6-5-KAQ8&gdpr=0
0
0
tap.php
pixel.rubiconproject.com/ Frame B93B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=ujBaf8EMJnl3&ev=1&pid=560687&gdpr=0
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame B93B 		0
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 9024 		0
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 9024 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXW_oWM8GnWTeFH2KYjz-uwDCWxSNhZ3AcmT22q64F2YhnZgvYZC1QW4vuI0qgqS_G9IWv1N6is6wdp14h0ijvsVu_luyoynhJc7rgFmmuE-23ZHDt3vIxoKXIHeg8-Qu60seTmTva2JSehj68o0uZLeH8sewUFzRaarHNjf0xIy734AQ&dbm_d=AKAmf-BnwMbyoEZw2enQqwQ29odNGoHBrD-1JJsq0YCPHQP6R4dbJfh96uwfaVorZEFYdwdo2yth-MH6iry0CgS1MSwJPSxyEEW4S9qfMkCxzskYt0MZgGEFQOKQ2VcdxPY7A4YFj7UoEIRZa1rAUVk9s_BbHgVhf9SRJEsyown1lg8l9L-HW3Q-GGHeuCQCnSMo3Pl6NSKWjOdOXr4nUJqWlVvngZKXO_U9navKH6MgX40axHGHrbRhU4C5ReK-mj95W-KQWzH2uc3ukYKNTINPvR4Zaj4y4vTWczxrMzWtuDCnOh-mVmo94ZueZlKXinaKn8PsE_oBbmWvJVq5XtoCyzPQEYeYekxXcQ0V4YLoqMOsPe9eFn2qzu2l73jf8oqv6eumW3VKvZ1IgbW0wyq-BxC9iLJofUoSFS0Bn9H3fIDfTGVISIHnsDmY98qxpdy3pYzFR_N3AmeFYn5oeGcDK2tDrAafvhuoVmOCxRmnvsAQjj43GnpjLn9U5JzxK3VA6Bw2i9_szOAud5mpEoIZueLhW9eJX_w5nGvXsY5Sn2e4rnFAjZQaX1SEIbX1YX1WFLxhApF6oKDlDishe9C93jjfn_ZGf8r2MX3d1KpgRF7X75ew32fKmA9v4DKVxCdlL6pX_7ONsaU4TY_KfnhYnIcoFvXMcipGdh4KTe_QWK5bNOcH710c4FcdMDhHzhcj1kUYhVF2wfsfHVccvSsiq461OaQcNB8oZQaRk2Kl7ICRMboyOMN5pbGYSNqXAQ9rK5-RxKMQYDoU0dQZS2acOPQWmN691ff2tOYo0b1amTK6gvKyY0cmQO6PNA8iocl3UKCa4hBLmS13E55b7ff6avvXZQ1ZJMLD4TaVkWLe3U6KeeI8y4jDV_rIarzH5tF-9CisV733KY3hFDgjozE9dNPo24PO9n6lRVvLQnFwHcY5E0FOEvBf2rSI3m--gJI5ip27NN-sQaTmCJ_jCGCu3Vo7UZIF5UyLVsTR5k8gSbX54x2bsn7LCXGfs3UOJabeX_gct8Q-hk-bnh0_UetQgK96eVamTOElT_iAY_uKLx_lHY51p0q6w1gOGurCXIDkZzSgDYcvEwmrWzlAM3JO69XKWwexapfyWlrj9Yb7pc2hhcPIyNKG41uvE8bST5aRpLCaoY9CNPBW5VWe7ZO4UZRZB0yB513_QE8fQHIxGbVkrxVbwPca_yyxMVE3ExEZ4hRsG0RjFO6KmolRVrkpKQZHhf-J9xmdmsHOcuBWML3c0bFsUALkit86OCoXaxaK7uZqSzRQo7RcYLL4eQIQBnM9FFEpi8l35Ud9ssBcP5pmJ0B4UG8OE3ubBEIR3BfDxrA9cYP4BrCvEzgc-qNV0XwICx7wbqmZlLdIlToEoyTENRAaPqyuLtT0aD8Ln6Cw_jF5k9l4dJnBriFWKJLt1wWdkiI0sV9p5Dp5BPatoMhAGKTuFRn4DHVHPhDkf5lhBAvgNyL_aRLbY9pRC9kvdQWmc0GTvwX-wyTwOPJlXjrjdDUt3ywPmXi9V1XUlfcVvlDtUvfnODhLZGAaKAJ2bLRNwdcdDeCiv5hwppeZSnM6d-buIw9EVB8HXzavpEbfmtxVkeLygJY4SHwYlP8k5OupGirFtcOFFBFVorTjB2Vxna9ooWqYtVoOyEGFbhAspGLGiZfLL7Qwtt-XFVgafAKrCDlHp0LEnDTEQEkmDShOjfW3-ddp9_tfGrH_7IEXtRBAQz6_RtCvTI9yop_3nVZzAe3taxoqgs4mIPYPSfl-NN_pHzxBbDMz90pdxP7JX5lSpYju-JEACZ8CO9ymyHhW2Y0oG7tgfRmdY8KL0WPsXktY8Zsm6yHdIwfxkoliuyIdeK-K1PPMRfMlMnyOz3pgXWFQ6tXTJFypA6TeQNQfAFroiFO2L0w3ieym2qlAmwX4JYYb52ZJ2UPRlLGWIvDc9rBARbC7RtBUzUQcQs2ohBf6BBVPRijUDtfPKKHEv0EY2PD_k_S2P7ItNzp7sVYWsq-4FCars9FbfBYmV4VPfBrdmrTY69ZYvCicwumS9yp7jhczd86TGhKW116V0OjKU3xzdSTTlC_vxhfGnOsaojpfN6gmP4U3-KdTxU2pG6xncM3MIMCaxg-bJnLpMtzzeTkhb9wYbaT3CnwQpqBDKvvscuW98vL5vog4m3LCuDhET8-TQUBkDU27vvkmBrvvcOs6XP-gX160kL2iNjiW4Zea211v45a3iLe28hqBvvthXNSb7GXaok6UcLlNSxHmnctv0YtXsMa3dfAgcKnogE5m1EK7V5WpupRU2TpbeopkVDVIxOoePDT05kocg3qPzfyyQaqaBeUqRkqWK043Z7dCKHTgJfVop8zhBhaOY3eekfhxOyWHXE1UxhfTahfYAZW7vIaxl56KSn2Gluoys81Kk9TYz_lJ59FKEKfz2FrU-O14f4gAxaL-qoiPhoi_6pic_r2e-eNcANPm38xHYycD2UoyZVs4glBGw3j-Bt6Y5n8q1qpXNatzAM86Vn4YNUQyT28eVrtypaJCi5e8g1A8VHnXNs6cdLFu7ITTS99a-21WF7w4ds9G1khB1WLLuuPSLLRn765LfoD-jZcttZ2Y2faBX92fX0YgVEbk9r18Ir6s1Z4i-gXvzbLPoPePXXGSfLFb4ej_pWYJHBzDPlk-munJLOquTRHTiI_SNqw4nGRHcApxCwKx3CSzOrSp41bw3WiY54iwijXPxOjd0nZy4-qTpmLCFZS_a_hHQhjWp3vOmD-x1P8zkBYYNYftUsq6VulOobdgtqiiqkaVrpuhqWLRrwuLdjD78vnurhrDH4OjGd11yGTHBaXytnacwtDhgVX9RG7kH4gft79ZEjIWpeWL0IAdQTDLeq4TLjuKzSe7LCFbfyDsZlnOg-tH4MxREhm-aBusrJyZ1NZ0LgBmmG89MsI8SbnIjUSzVbQdqQ1eMTMbybGLu2PITlFwqtaVUN4eYMhgS1dew2MQt_I4xbHjhyqPT6GeLgpcVgqeiU9G-UBe1vce69pbvJLyaKpN9RkDZ2AlU8PIxmOctmSMlmyrkJAR_aEQcn4FeYgpDbe55smlX5wxNShuVcIzt0oshBpcl52P4K4i9nJ4qwXJ2snogJn2CEHhJRVQejHIbHq5k2L_3hp102qTkcCPPxZ3Iw1jrHGs6P1BFT_RCv2eeYXHIAssjo7XQTtgIxRRWkN8nI6_9l-AKfYxGSiQBlfcV2qgPqnK2BCgIRxxAuqeZM8SyNd41qJS_cdRLN9xh7Z1WdiJdU3uThWlfOrZS0sng1pAXwF371wud-CJM-kF9SWJ4WIRX9O2-paf4GxKob977wpgz1Z14Mzz0gWm3aAGN8NAaRQWDD5PecumUsavKB3Cwv06GEesbeJopCWxD9kFFeL41ppJMooAezPzRllYxtQyMetMge-Bj0NASlKvUGnaP0YHu-0wBsrPaDS_7ZSTe0QsFe_UxMHyl9l0aXtZoaV39bQQc-k4vCVbfctjtUrgFzKFnEnQEgfniYWCXLOXX0dm7UBiJWNIjq62ar52i70SO897uSN0I0JAUrvjwSSKxyySLFZrJ5qxp9R41eXaxw_Nw6bFLUbDoyf9xGpdPXXiT6kVfoHp3XSNLeii6SSGAD07hc2KmiP4zgyA6QdeFkMQoOo5jokn8VY1xpcEKlrmk2oId8y2ocKlWK1yfp_dARoz-rw-f569N7QsOzvlIIb1FmoHvvj-sBL_6m-ndfNt90H-dTLpv_Ep8soUqsM&cid=CAQSMgDICaaNV7xRmxTd6Lfzh9qLfk_fjTwQ3flJg7dSlUM7crEeCEjh2fl-rMlA3VgOHvHsGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ds=l&xdt=0&iif=1&cor=6058340457851915000&adk=3471343377&idt=231&cac=0&dtd=399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 13:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
28575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 13:34:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 9024 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXW_oWM8GnWTeFH2KYjz-uwDCWxSNhZ3AcmT22q64F2YhnZgvYZC1QW4vuI0qgqS_G9IWv1N6is6wdp14h0ijvsVu_luyoynhJc7rgFmmuE-23ZHDt3vIxoKXIHeg8-Qu60seTmTva2JSehj68o0uZLeH8sewUFzRaarHNjf0xIy734AQ&dbm_d=AKAmf-BnwMbyoEZw2enQqwQ29odNGoHBrD-1JJsq0YCPHQP6R4dbJfh96uwfaVorZEFYdwdo2yth-MH6iry0CgS1MSwJPSxyEEW4S9qfMkCxzskYt0MZgGEFQOKQ2VcdxPY7A4YFj7UoEIRZa1rAUVk9s_BbHgVhf9SRJEsyown1lg8l9L-HW3Q-GGHeuCQCnSMo3Pl6NSKWjOdOXr4nUJqWlVvngZKXO_U9navKH6MgX40axHGHrbRhU4C5ReK-mj95W-KQWzH2uc3ukYKNTINPvR4Zaj4y4vTWczxrMzWtuDCnOh-mVmo94ZueZlKXinaKn8PsE_oBbmWvJVq5XtoCyzPQEYeYekxXcQ0V4YLoqMOsPe9eFn2qzu2l73jf8oqv6eumW3VKvZ1IgbW0wyq-BxC9iLJofUoSFS0Bn9H3fIDfTGVISIHnsDmY98qxpdy3pYzFR_N3AmeFYn5oeGcDK2tDrAafvhuoVmOCxRmnvsAQjj43GnpjLn9U5JzxK3VA6Bw2i9_szOAud5mpEoIZueLhW9eJX_w5nGvXsY5Sn2e4rnFAjZQaX1SEIbX1YX1WFLxhApF6oKDlDishe9C93jjfn_ZGf8r2MX3d1KpgRF7X75ew32fKmA9v4DKVxCdlL6pX_7ONsaU4TY_KfnhYnIcoFvXMcipGdh4KTe_QWK5bNOcH710c4FcdMDhHzhcj1kUYhVF2wfsfHVccvSsiq461OaQcNB8oZQaRk2Kl7ICRMboyOMN5pbGYSNqXAQ9rK5-RxKMQYDoU0dQZS2acOPQWmN691ff2tOYo0b1amTK6gvKyY0cmQO6PNA8iocl3UKCa4hBLmS13E55b7ff6avvXZQ1ZJMLD4TaVkWLe3U6KeeI8y4jDV_rIarzH5tF-9CisV733KY3hFDgjozE9dNPo24PO9n6lRVvLQnFwHcY5E0FOEvBf2rSI3m--gJI5ip27NN-sQaTmCJ_jCGCu3Vo7UZIF5UyLVsTR5k8gSbX54x2bsn7LCXGfs3UOJabeX_gct8Q-hk-bnh0_UetQgK96eVamTOElT_iAY_uKLx_lHY51p0q6w1gOGurCXIDkZzSgDYcvEwmrWzlAM3JO69XKWwexapfyWlrj9Yb7pc2hhcPIyNKG41uvE8bST5aRpLCaoY9CNPBW5VWe7ZO4UZRZB0yB513_QE8fQHIxGbVkrxVbwPca_yyxMVE3ExEZ4hRsG0RjFO6KmolRVrkpKQZHhf-J9xmdmsHOcuBWML3c0bFsUALkit86OCoXaxaK7uZqSzRQo7RcYLL4eQIQBnM9FFEpi8l35Ud9ssBcP5pmJ0B4UG8OE3ubBEIR3BfDxrA9cYP4BrCvEzgc-qNV0XwICx7wbqmZlLdIlToEoyTENRAaPqyuLtT0aD8Ln6Cw_jF5k9l4dJnBriFWKJLt1wWdkiI0sV9p5Dp5BPatoMhAGKTuFRn4DHVHPhDkf5lhBAvgNyL_aRLbY9pRC9kvdQWmc0GTvwX-wyTwOPJlXjrjdDUt3ywPmXi9V1XUlfcVvlDtUvfnODhLZGAaKAJ2bLRNwdcdDeCiv5hwppeZSnM6d-buIw9EVB8HXzavpEbfmtxVkeLygJY4SHwYlP8k5OupGirFtcOFFBFVorTjB2Vxna9ooWqYtVoOyEGFbhAspGLGiZfLL7Qwtt-XFVgafAKrCDlHp0LEnDTEQEkmDShOjfW3-ddp9_tfGrH_7IEXtRBAQz6_RtCvTI9yop_3nVZzAe3taxoqgs4mIPYPSfl-NN_pHzxBbDMz90pdxP7JX5lSpYju-JEACZ8CO9ymyHhW2Y0oG7tgfRmdY8KL0WPsXktY8Zsm6yHdIwfxkoliuyIdeK-K1PPMRfMlMnyOz3pgXWFQ6tXTJFypA6TeQNQfAFroiFO2L0w3ieym2qlAmwX4JYYb52ZJ2UPRlLGWIvDc9rBARbC7RtBUzUQcQs2ohBf6BBVPRijUDtfPKKHEv0EY2PD_k_S2P7ItNzp7sVYWsq-4FCars9FbfBYmV4VPfBrdmrTY69ZYvCicwumS9yp7jhczd86TGhKW116V0OjKU3xzdSTTlC_vxhfGnOsaojpfN6gmP4U3-KdTxU2pG6xncM3MIMCaxg-bJnLpMtzzeTkhb9wYbaT3CnwQpqBDKvvscuW98vL5vog4m3LCuDhET8-TQUBkDU27vvkmBrvvcOs6XP-gX160kL2iNjiW4Zea211v45a3iLe28hqBvvthXNSb7GXaok6UcLlNSxHmnctv0YtXsMa3dfAgcKnogE5m1EK7V5WpupRU2TpbeopkVDVIxOoePDT05kocg3qPzfyyQaqaBeUqRkqWK043Z7dCKHTgJfVop8zhBhaOY3eekfhxOyWHXE1UxhfTahfYAZW7vIaxl56KSn2Gluoys81Kk9TYz_lJ59FKEKfz2FrU-O14f4gAxaL-qoiPhoi_6pic_r2e-eNcANPm38xHYycD2UoyZVs4glBGw3j-Bt6Y5n8q1qpXNatzAM86Vn4YNUQyT28eVrtypaJCi5e8g1A8VHnXNs6cdLFu7ITTS99a-21WF7w4ds9G1khB1WLLuuPSLLRn765LfoD-jZcttZ2Y2faBX92fX0YgVEbk9r18Ir6s1Z4i-gXvzbLPoPePXXGSfLFb4ej_pWYJHBzDPlk-munJLOquTRHTiI_SNqw4nGRHcApxCwKx3CSzOrSp41bw3WiY54iwijXPxOjd0nZy4-qTpmLCFZS_a_hHQhjWp3vOmD-x1P8zkBYYNYftUsq6VulOobdgtqiiqkaVrpuhqWLRrwuLdjD78vnurhrDH4OjGd11yGTHBaXytnacwtDhgVX9RG7kH4gft79ZEjIWpeWL0IAdQTDLeq4TLjuKzSe7LCFbfyDsZlnOg-tH4MxREhm-aBusrJyZ1NZ0LgBmmG89MsI8SbnIjUSzVbQdqQ1eMTMbybGLu2PITlFwqtaVUN4eYMhgS1dew2MQt_I4xbHjhyqPT6GeLgpcVgqeiU9G-UBe1vce69pbvJLyaKpN9RkDZ2AlU8PIxmOctmSMlmyrkJAR_aEQcn4FeYgpDbe55smlX5wxNShuVcIzt0oshBpcl52P4K4i9nJ4qwXJ2snogJn2CEHhJRVQejHIbHq5k2L_3hp102qTkcCPPxZ3Iw1jrHGs6P1BFT_RCv2eeYXHIAssjo7XQTtgIxRRWkN8nI6_9l-AKfYxGSiQBlfcV2qgPqnK2BCgIRxxAuqeZM8SyNd41qJS_cdRLN9xh7Z1WdiJdU3uThWlfOrZS0sng1pAXwF371wud-CJM-kF9SWJ4WIRX9O2-paf4GxKob977wpgz1Z14Mzz0gWm3aAGN8NAaRQWDD5PecumUsavKB3Cwv06GEesbeJopCWxD9kFFeL41ppJMooAezPzRllYxtQyMetMge-Bj0NASlKvUGnaP0YHu-0wBsrPaDS_7ZSTe0QsFe_UxMHyl9l0aXtZoaV39bQQc-k4vCVbfctjtUrgFzKFnEnQEgfniYWCXLOXX0dm7UBiJWNIjq62ar52i70SO897uSN0I0JAUrvjwSSKxyySLFZrJ5qxp9R41eXaxw_Nw6bFLUbDoyf9xGpdPXXiT6kVfoHp3XSNLeii6SSGAD07hc2KmiP4zgyA6QdeFkMQoOo5jokn8VY1xpcEKlrmk2oId8y2ocKlWK1yfp_dARoz-rw-f569N7QsOzvlIIb1FmoHvvj-sBL_6m-ndfNt90H-dTLpv_Ep8soUqsM&cid=CAQSMgDICaaNV7xRmxTd6Lfzh9qLfk_fjTwQ3flJg7dSlUM7crEeCEjh2fl-rMlA3VgOHvHsGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ds=l&xdt=0&iif=1&cor=6058340457851915000&adk=3471343377&idt=231&cac=0&dtd=399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 13:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
28545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11597
x-xss-protection
0
server
cafe
etag
8023538936332676572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 13:34:48 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9024 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame 7246 		0
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0890 		278 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGP3EuPkBMAE&v=APEucNV-XbxuoFEdJxCpVCLZCW8JuBAjk4wDWnW5BfUPolBD8qS7rWqLZa5Awp_sKb8cYR6CZ6Uv-yQmPdw230W-207b34DBYVDrmFa1203niC70jD8DaGw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 21:30:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CCE8 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:33 GMT
adview
adx.g.doubleclick.net/pagead/ Frame CCE8
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.141232/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RCW4WPcsNCZe3ABaad2fcPwd62sAS7x529c5yq-IH2EZEvEAEgg__3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPq...
  • https://adx.g.doubleclick.net/pagead/adview?ai=CW4WPcsNCZe3ABaad2fcPwd62sAS7x529c5yq-IH2EZEvEAEgg_3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9A0nfjsiTNqclbpP3T_g64ujsXj6BS3X4XlzzTAR2dNY...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.g.doubleclick.net/pagead/adview?ai=CW4WPcsNCZe3ABaad2fcPwd62sAS7x529c5yq-IH2EZEvEAEgg_3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9A0nfjsiTNqclbpP3T_g64ujsXj6BS3X4XlzzTAR2dNY5TQHSmGZ2gfVU11F1nh2yxDe1Gzs93OUcfF0SJ6h8i_Z08Pr4dfyXs7-V35v_VL5JGwAZRv3LIL8Sv2xqGhFDvLflBIe5BVMJBPKhnrq_ot961NGsHxjOMx-E18Ounv6KunWsj3arVGrUvN3kHSYIfxj5p1kX2ZkuBKhttGMB2afCZXUlqh05iquIKQX5GzeDiOVJqYikJ9xmyJNXgf57gIxDUYbJud4aVTFomSltXb2l39cKfPcYBQxERSC2M8IW_Y_GIsDNLylSHn0uGJyq5Urujb9IcSINMinJQnzEaT-rixJUCLzgrgFYvaQV_TnsAEz8K10MAE4AQDiAWxtu7yTJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH5tbOdqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMvxCBj9xLj5AdIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggUYmlkZGVyLW9uZXRhZ18xODQ3MjGACgTICwGiDAwqCgoI5LSxAu61sQLaDBEKCxDgkpqjkYCLnYEBEgIBA7ATyMSsFcgTlJvu4wPYEwqIFAXYFAHQFQGAFwGyFwgKBggAEgAYAOgXAQ&sigh=cfDuqej0gRo&uach_m=[UACH]&ase=2&nis=4&pr=38:0.14123&cid=CAQSMgDICaaNCDMKidC2Aj-fZtjbkZtZfF_9rFPwR905OBaONsrqAl0R3EZmqWA1unV3RrVmGAE
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location
https://adx.g.doubleclick.net/pagead/adview?ai=CW4WPcsNCZe3ABaad2fcPwd62sAS7x529c5yq-IH2EZEvEAEgg_3mH2D17ceB1ASgAYKpsYkDyAEJqQKa2VsA7m2yPqgDAcgDmwSqBJICT9A0nfjsiTNqclbpP3T_g64ujsXj6BS3X4XlzzTAR2dNY5TQHSmGZ2gfVU11F1nh2yxDe1Gzs93OUcfF0SJ6h8i_Z08Pr4dfyXs7-V35v_VL5JGwAZRv3LIL8Sv2xqGhFDvLflBIe5BVMJBPKhnrq_ot961NGsHxjOMx-E18Ounv6KunWsj3arVGrUvN3kHSYIfxj5p1kX2ZkuBKhttGMB2afCZXUlqh05iquIKQX5GzeDiOVJqYikJ9xmyJNXgf57gIxDUYbJud4aVTFomSltXb2l39cKfPcYBQxERSC2M8IW_Y_GIsDNLylSHn0uGJyq5Urujb9IcSINMinJQnzEaT-rixJUCLzgrgFYvaQV_TnsAEz8K10MAE4AQDiAWxtu7yTJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH5tbOdqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMvxCBj9xLj5AdIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggUYmlkZGVyLW9uZXRhZ18xODQ3MjGACgTICwGiDAwqCgoI5LSxAu61sQLaDBEKCxDgkpqjkYCLnYEBEgIBA7ATyMSsFcgTlJvu4wPYEwqIFAXYFAHQFQGAFwGyFwgKBggAEgAYAOgXAQ&sigh=cfDuqej0gRo&uach_m=[UACH]&ase=2&nis=4&pr=38:0.14123&cid=CAQSMgDICaaNCDMKidC2Aj-fZtjbkZtZfF_9rFPwR905OBaONsrqAl0R3EZmqWA1unV3RrVmGAE
Date
Wed, 01 Nov 2023 21:30:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame CCE8
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=onetag&dsp_id=16&imp=1
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26us...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=6ba0b4a4-fbcf-5432-8913-f696ec5135ee&ssp=gumgum2&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=bsw&i=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCE8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CPloVbY0MD0YlpgU91sz8qZfmIO3yDEKB0RNQbRtBCPOQttfZaWDR31njp3BJImy6Z8h3wqwBlpAwVQhcnIYUxYhRjlQfXO6cT3k0zUeIfSPgdfQE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCE8 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3993585410156544205&x=38&ct=76
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/analytics/ Frame 4BBD 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/analytics/
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://pastelink.net
strict-transport-security
max-age=15552000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
content-length
0
/
onetag-sys.com/usync/ Frame 4AEE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
f76140f6be6fb9c864f45f5f2ef648066dc3ea448c29c0bbfd8b3acf51883066
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1240
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
view
securepubads.g.doubleclick.net/pcs/ Frame DBA5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFBuZi4bvrCLoNTPbj8VhBp_vuuLm2g5bej5ldXR2t8rDvcP4bbolVlVY2JMEZOtPkIL_KigkNqjJE7C1xCv3FEDycRwqHBFUFZiq7bnb8bg0C0W9J8IOysO7OXU6WQPX9nhRL9lR3dehSrgp37nj9Nkk5nVCwg8v5uR6Rj1PwNwZn6WwYOreOGtiswSZjbGsuLjQTC2sTlt4YAUaP9Eo_M9C0yFNci-dxxPupgW1O2jBGa7EUHBXq_F-EXM7AQduDwLM0W72N3YFEHW3hT9oTh9iZjHqShH6UlS6sJEzZ4ntmN7aINLOXkMgeK4KIIg3adc737iT5DgIiDwVInOgtZYEv4rtXaOvsJ8MszQ&sai=AMfl-YS64msK3m_6UwIDcP2nOpVtgNGEZbeV1HsjuA0wX2JTIjgS0lBtVhAm6KWF0m5DGDSSUm6Y4k8c56aiaR4CBdz6kw7WorxsM0n7VqIdjj84ePWYVd7DhONemc5shks&sig=Cg0ArKJSzLfTmUxx16bEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ym.1.js
static.yieldmo.com/ Frame DBA5 		0
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6B6C 		684 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvJWxDB5IUBGPO6uPkBMAE&v=APEucNUq-RxtHj-BDV0lH1rzJTWXZeTkgFrKm96yQIUWyhvGZROUtZcOhIJqTpWJL6c4UyNp1L8QkO3LYQoiSU44-SY0JZLVcPnihePTRU2hPLOz5Gl_nEk
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 21:30:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DBA5 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:33 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame DBA5 		43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3397522355460590137&pvt=1698874226226&plid=2834942196124164132&imp=6293019851143661431&rep_meta=9zn5rSa1GI3S0MVj-fnYOa646GzIgGzuezmX5oHlaacSG3G0I5ZOMExY30DlXo-QWdXOcJIP5IpMSCTmrOOcBW4XSskW3s0YbyZ_SSlYwgnDZOYIfIbGGTpn-928Ye2nJbkrpzI2hzVs7UMcob3ASEiDShwXrBQ7KvuFCWhOUqfE-ZuY6w-ClYo2DB4IPrPso8B_HmYLYSlQN4L-rGN7tS1XCROVRSUV5tWoFpJrAVDKRJxtSb5smQgLTSPl-RQ8xaQ7bzN4mOatKpCl39lmwFAFh97eD2jllUXe7pfZbS72_Q-EWpmyhZXzfDCv5nfEqcJByQUcIRYb1uOzQ-_6VoYDmjdJDAOPifWLBMA8bkw00Vgp9uxuDmGc2OW9FylFjjpyv_hielJJ_L9epJOchaa030vOEkMUhKxK4Rbl3I_AAzMEpryYqSt6Bs8vKGSo
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.46.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-46-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame DBA5 		0
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3397522355460590137&pvt=1698874226226&plid=2834942196124164132&imp=6293019851143661431&rep_meta=9zn5rSa1GI3S0MVj-fnYOa646GzIgGzuezmX5oHlaacSG3G0I5ZOMExY30DlXo-QWdXOcJIP5IpMSCTmrOOcBW4XSskW3s0YbyZ_SSlYwgnDZOYIfIbGGTpn-928Ye2nJbkrpzI2hzVs7UMcob3ASEiDShwXrBQ7KvuFCWhOUqfE-ZuY6w-ClYo2DB4IPrPso8B_HmYLYSlQN4L-rGN7tS1XCROVRSUV5tWoFpJrAVDKRJxtSb5smQgLTSPl-RQ8xaQ7bzN4mOatKpCl39lmwFAFh97eD2jllUXe7pfZbS72_Q-EWpmyhZXzfDCv5nfEqcJByQUcIRYb1uOzQ-_6VoYDmjdJDAOPifWLBMA8bkw00Vgp9uxuDmGc2OW9FylFjjpyv_hielJJ_L9epJOchaa030vOEkMUhKxK4Rbl3I_AAzMEpryYqSt6Bs8vKGSo
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.46.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-46-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBA5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AEoiuAOh5K-H45638vQ3_FUKdXIxmARiKlbgZlLiwNGKyTTeLqxBwomIQas6PXffjSSzsTuT7xMhoSQGCQ8bpGgMqAyckrtzHE5_PySuSw_pooKKc
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBA5 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14338342613480649120&x=67&ct=76
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTQ1NDY1NDE5NTM4MjczMyIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAuMDAwMDg0NTc3LCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA4NDU3NywiYmlkX2Zsb29yX3ByZXYiOjgsInN0YXRfc291cmNlX2lkIjoxMTMxNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjExMzE1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NDU0NjU0MTk1MzgyNzMzIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMS0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwicmV2ZW51ZSI6MC4wMDAwODQ1NzcsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDg0NTc3LCJiaWRfZmxvb3JfcHJldiI6OCwic3RhdF9zb3VyY2VfaWQiOjExMzE1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU0NTQ2NTQxOTUzODI3MzMiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXN0ZWxpbmtfbmV0LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjk4ODc0MjI0LCJhZF9wb3NpdGlvbiI6MTEwNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMmU4YjhjNjA4NDNlNTJlNWFhYTFlM2E1MjI4N2EyYmIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU0NTQ2NTQxOTUzODI3MzMiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXN0ZWxpbmtfbmV0LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjk4ODc0MjI0LCJhZF9wb3NpdGlvbiI6MTEwNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhNjYwNTEyMC01NTE2LTRlNmMtNTUzMi00NzIyOGZlNTE3YWIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibWVkaWFfdHlwZSIsInZhbCI6ImJhbm5lciJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTQ1NDY1NDE5NTM4MjczMyIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwcmViaWRfc291cmNlIiwidmFsIjoiY2xpZW50In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:33 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTQ1NDY1NDE5NTM4MjczMyIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DBA5 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:33 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTQ1NDY1NDE5NTM4MjczMyIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk1MiwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzU0NDI2OTUyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NDU0NjU0MTk1MzgyNzMzIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMS0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwiYWRfcG9zaXRpb24iOjExMDYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1NzI4MDc1NTk3LCJjcmVhdGl2ZV9pZCI6MTM4MzU0NDI2OTUyLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI1NzI4MDc1NTk3In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:34 GMT
5728075597
go.ezodn.com/dac/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/dac/5728075597
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-0&bv=279&v=100&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1072
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Wed, 01 Nov 2023 21:11:29 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://pastelink.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZEp%2FIHXhXNsTJbF3PIZe3yqVBusDlSQHEXLQNiLD5deP3ENeqqgD5U5sGRmTDT5Y22qnFfX6APJg8xY5QWPXlxK0Khq3O6XgDwyUy67OwwKNm76F4aDFqT%2B%2FWpT4XQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
81f73d593a206698-AMS
access-control-allow-headers
Content-Type
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTQ1NDY1NDE5NTM4MjczMyIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImFkX3Bvc2l0aW9uIjoxMTA2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk1MiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTEtMDEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:34 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTQ1NDY1NDE5NTM4MjczMyIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsImF1Y3Rpb25fZXBvY2giOjE2OTg4NzQyMzQsImFkX3Bvc2l0aW9uIjoxMTA2LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEwMCwiYmlkX2Zsb29yX3ByZXYiOjUwLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjoxMDUzLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjU3MjgwNzU1OTd9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:33 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		390 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=3414676736244763&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=27&didk=3113487578&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874233839&lmt=1698874233&adxs=310&adys=556&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84&vis=1&psz=705x500&msz=705x500&fws=516&ohw=1600&psts=AOrYGskfziikbcA_9Yof554DKWFgpzkec4D4ZTIbxxlAxW3RhTb2bg4bezlL2Q-2-EDquSNC_zDGqD-gKUxl%2CAOrYGsnk7un_BIWKc6VjP8oA-vcGPK5z9CAZMQpoMP3vUx0CZ7oWipRIruDJa3Ze5Up463nyEH_N2VlbvLb4%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskpwxyPl0juW41j1rkrlLUQcvXvzA5mH222Y6atNDpOrr8h3eAFatle8b9o_FK8xUYBsoAICPC98x-_%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRii8q3muDFIAFICCGQSGAoJeWFob28uY29tGKmArua4MUgAUgIIbxIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y75Ku5rgxSABSAghqEloKDWNyd2RjbnRybC5uZXQSQDgyNmI5NmYzY2FlODQyMjI1YmFkNDY5MGRmY2JlMzIyNDZiMGU2NDM5Mzk3YjllM2MyY2IwNDg0OGIwNzQyMWQY1ZWu5rgxSAASGQoKcHViY2lkLm9yZxigpa7muDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YovKt5rgxSABSAghkEhcKCHJ0YmhvdXNlGMGerua4MUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lkbHA2WmpaNU5XcFRhRWRLYlVSVFlYUkxWVXd3VVQwOUluMD0YhJau5rgxSAA.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D780618487345719%26eid%3D780618487345719%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dt%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpastelink_net-box-3-780618487345719%26eb_br%3Dbf9a045b836005b6c23b7b0749249612%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D26%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26icsticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C5747%2C6044%2C6293%2C6294%2C6295%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%26nocompoverride%3D1%26bkfl%3D1%26lb%3D50%26reqt%3D1698874233779&adks=1692205609&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d7f2a6a4e1ca0345e8813bdc5c48a9bf9b02f9b96d4a31b260841b089a948a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ad.sxp.smartclip.net/ Frame 0890
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESED1gkw2BMo1WvNOZOPOYVb4&gdpr=0&google_cver=1
0
0
m
ad.yieldlab.net/ Frame 0890
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJrwO9fIRn0q5q7Llp0g77w&google_cver=1&gdpr=0
0
0
truncated
/ Frame 4BBD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f49cc53a7ce96e4476a352ccf35e886ef1a6328a167f558a970e6268a379c643

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
952.js
cds.connatix.com/p/368057/ Frame 722B 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/368057/952.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/368057/cSyncRemoteEntry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
x-amz-version-id
dXPsBoUnxFBa3DYNQrPtAQ9JzOoug9QD
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 14:04:36 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81f73d5a0a9601f4-ZRH
access-control-allow-headers
range
expires
Thu, 31 Oct 2024 21:30:33 GMT
402.js
cds.connatix.com/p/368057/ Frame 722B 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/368057/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/368057/cSyncRemoteEntry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3984f4ff65bd39033cef8165012c524c15f3311bc2af7cfcf5e7b42695b86af1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
x-amz-version-id
TgDVHO_XXPdM2BHQhpW8BHLEcsC.DuTL
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 14:04:36 GMT
server
cloudflare
etag
W/"5cc78ac5d579d2ed103af305552a4f41"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81f73d5a0a9701f4-ZRH
access-control-allow-headers
range
expires
Thu, 31 Oct 2024 21:30:33 GMT
cs
cs.lkqd.net/ Frame 6B6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEMMAMYjq9q4ibk0mR2mkx4k&gdpr=0&google_cver=1
0
0
cs
cs.lkqd.net/ Frame 6B6C 		0
0
rum
dsum-sec.casalemedia.com/ Frame 6B6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJQkqjSEVORFNFKB_k43k9U&google_cver=1&gdpr=0
0
0
rrum
dsum-sec.casalemedia.com/ Frame 6B6C 		0
0
img
sync.mathtag.com/sync/ Frame 4AEE 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 21:30:33 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 01 Nov 2023 21:30:32 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4AEE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 4AEE
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LOG9UQG6-5-KAQ8&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LOG9UQG6-5-KAQ8&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LOG9UQG6-5-KAQ8&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
/
onetag-sys.com/match/ Frame 4AEE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:34 GMT
an-x-request-uuid
8af87a4c-d006-4750-b3b3-525be15fb97c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2393881630050333936
x-proxy-origin
85.218.70.160; 85.218.70.160; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4AEE 		0
0
/
onetag-sys.com/match/ Frame 4AEE
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=4620150274202798648
date
Wed, 01 Nov 2023 21:30:33 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 4AEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame 4AEE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 4AEE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-2RM.RndE2uHNQelEy.NdvN.v7Aqj0uompIy9nrQ-~A
date
Wed, 01 Nov 2023 21:30:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 4AEE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:34 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 21:30:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzg5NDAzNDIxMzUxODE0IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCE8 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=611061766924&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCE8 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=611061766924&version=m202309260101&ct=76&x=38&cor=3993585410156544000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CCE8 		90 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8qkrt4ZzlYwb9SJoXvEyGJ3-GS0pWbzAX1mFV7_55n4Z1vln9Z3ZB6FZA4UT0WEYk_RDzvrsj7M46Uv6y03xrjaZ3rDrkSZYE_bDv0PORLGSERk4At8RrFH3Yy5DHz2F_FQVTYuY1u9llUjV79CTD-9FCPXGtoA2ITUGO6GiLHunRKtJmbT3TUYjB8tsfl6q8VhzeHR6dMKzEzyLvNFGhPFj93Q&dbm_d=AKAmf-CBEV0ONRjgOV352-jHHkPZQvTh3dn2lTutA5sd3q_cmhwt0899J6hel9EvfLas9IdNDNGN_YT8mp4yfPGxFy7oGgIDszhDt-fLSlKiUGrTPLFbf7vNpo3unq3_9DE5zxY7mm9JWubR5JO4SLGihi_i386nZIHh_vGeuo-z2lN67TGH-Rs3sFEcMSWyWYeox2pwSYOMHX7Sxdv03e0ro8hlQdSUpn-OReKYDURSPJsV2GaVHbUlDL-bhq40SjhmVZ_UtjTgUOdJfV9URMNzJdFkP4eLefi3PoPWN234we8HV3P2UCXc8Cq4na6M9cx73AasTdCBlQySA3zkoX6JyFKk3nViFjQZsV1uDEQLSiuGskF36JrzUgMvV2x9EXV_F-0wLo99lyRWjEzZ-4th0k-22K1lYhVJWv5tBOQjZk4wWGKrcEi2r6u8gpI6BlMSwSICm7eOc7O4XACgpTPEtFN6umwLQG-JGsKn-jP_iYCe4mn3hvNfn7b4gYV_cMNsWuv2VbMSIt2CzT7sgzQeI6DtSTD_OJzAKCyKHbBtc0dk_9eo-RK2brTbVVZ30dSK_QKdmRYq7bjhWSqfptKNr6h0hHBRFvF06q0QpK09y7w6_bp6FMTCtAcIQNCXW2DPv0_-IhFgVWd2BgM1xx9QeQNnCVSy2MInq99Rd8O0AIMTDnwPhOfFIK0blhFjQwt2PZ2BW4-E6PNthllGfc2KEqWubciLdFoMCKlz7UHt-xljj0-K0sHFWrTyPb07W_kxAvvSO8OfBZQstbkF_l7-cUTmYS14VUgOF-3JkE-aTGoTgSIus8-w1paP9_ekagVmqci-OWcOLauR286bNCUgl1ZNIlXafjKkbx3hN7csE0SzyrkMOoTJgDNRGO8BjPSgMnmSiuBjTWXWBU5jmIMgMAVg_pPcOo-YVD-C2hA7lVqaTvtgr3WM4TUObqLsPR7zKEgH-ETk37TRu_r_HCA6kEXopXBtaO5LOl14ZBM1P_g2PFMeYdMF0jVG25auVsccc3e5BXXFMc9jD2LtsxF0lsc82agM4V4EsOrwY6ebnEP7TXSpV-DoEZo1iLqGMje_nS-2dm71PVA2lVn9qL7l5o_Mr3OPWZuZLjnaU7Zg3EKokUMyG4cs_hiABtVkBBX1vJpZ1xcZXE0B9vPtZxmN1MVa9rHzMHxSzm7hDo6CIWQ4mnJIJZbkIHyHYjLS_whiOGNUaPHg3Geu4QylVlj0xJMIuIIbOo5Ocv7rAZGhYlLhSSW1he1EoidiUMXcrt0UpyjsNyQmPebpAbNhswQiYEE_R47DHVwUbzsJbT7EjT_18_33ThzHJaEVec0ZBFK3GrrTMFWviqGKBR9n_QnWZtar7HWtCX7vx3QGv_C2lzZ2Hny7dUrAWXIuXvKYTJdh4CSdAPRSdGTv1fVrLj19fBfDpjgeZE5fpwauv4QyBe7oCgab_lXPccm_PkPSniFvX7oAUyCDNU8kZSH7DO0VjQO8xJKT4BDTNrmHOOlSpgYRyp4TeIntB148AeYG8IXSSVx_RX5Xu9F3YU3j119siOXDt3LQU4Dln0TDW5isgL4D9mVb05ZA_kckIZDv9mnhoXCAS21vz3ReADmdzgp8TdOU9haOsjMQNRUYP4D1ZzNuJYK8SisF4w8_BfJf_6_r2fo4v2T4O0WnjoFMb-7625dM-C9-jgOz31VjJ95fZtL4fUeCQSx-pU51r-ySgxNsX4tGjshLgGt16Bn4OknqU4ojXMlKkQcD0OoFrjjc5FnS56Nnw8Qv5mmS090QFWVfZ-GEZWFd6O61XHJX7d9U-4MQNc31uKKVglYCt6x1v4mEfDze_jXftqx30ICRIPVSgyvT7hLZ-g2Q877uHvsjzq65lCrHtInCAdsfAYc1T-jo6aEWxF5fGnEi0YYH2Q3Rk9truo_9__gKweBAF9qxC7V-P8kBtOiLgNtj61WGIIh8N13Ew3BR8rLCy71Nq5vc2KqYg8rNpN2KgytTGfY91xFw6kUwaMl4HVy0LHGcrZGipe7jXzV9ETTsf_hOjF1HExtms_YNuvM9LpXI6Mbj9RfmdhSC0pM4oyu316iHUSMDxapfqj9H6DWzqG22LRvELtTlcVxgmYSczyLBOhGnltf5wcwCJ-txlTAZDuXVwZeNHOwsJ3ySVAMNzjI66bZxhJmguVMfN4eobXK526t2nIpuWIMLPK-rBepYz5ovl8LHA9wqb-2cM7Kb5Zq-aLiBOtl--yEFLG9ctqZh3E9mK68472rNT7_xFo14AL2Brtv3wFE2GRUI5wKI0t1CkrE4r4wnfMLb8G0MBA1STYdveeEyteFQ2X4I2DZp8OP3r_IwnVoo8qdsZN5KiZiyzUIvW_5nn4C-anRkj7zKgen-PACi9oxAqbl1LKOLyoAo8DinRkJ0cS7-UpgtFr6qPab-TZS9E-u-lVATz_E-4Tmci1bzNzBOa-cFN6HmS0FoKSuQEQdOJ6f-obkoLs1Nn7EiZgItxgyHqqlnf2f7aZ7-pxyAJD-BaHuIXq5wN-iYOgyy-303-QONW6eQKqk1iA5F1fAlryx-pPoWuwlt4pr6iZUgmopBjLS4ceZR0gsbZcEoJdOkDKZxhTikvPGrlGRhDcQUCtoGLdRfMugu0uJyJk5nEQhQ9DlWKJZ7FOmkFiMKjfNJP9EJFplCjen79xzcz8li1Dw12Q9-E_L1Q4F6vepXaa92__dHkj9c_WcA2hTUlYn0QsQjUy27oKB6J7csCYWUfLqoy2FflmgyG7edA32R8nnCF3o8JW6zAZs4RU-Rwstz3kUGbVIw6fDRRg1ZpXrDLsJwNpwtSdPxilTWD9s2f_nvbunL5aUnWewy9QCDRMjTh_TeXCQQJn3R8nuye6Mfch8IrFvpMQmkX6vO0FMl_MKjfRhDmGxCCoPCRXfrjr5Cc33rb9q-Dj7zrKQ9EQNcv8uWrHN5ntfQQce-hoRTpWbJNz-zLCLRmnBKLbYka_GATCIbW3hkz_8VAeW5UtQMpo39PLtvbU9XvkTcF5IvLUoZq__o_ABH7SoqgUiENL-boJYZFhkMvH9ZZ4oUEjdA7ZYeQnnrPl-N--uxOGjDIh69Shj75ISdiBbIa5QE9YysmrEixCYP9MLicSIZECB3ZRt0fisGsj1FLDcGazJ6zniBzKGpFFMz7lsLdO1HiTs1mwNUvT30ntUbRauWKU2M1H0k_z1Ez8f9DvEzg-gLWm4HLMjX07Kz9Nw3Ae5RGjBNudnLsha0TnlJLVqNxsvH98juzVTW7N1X8qsMYkWPI8LrjpV4lD4wfpbn0-clVLwq2YvBMCZbteNOeJe-S1KSgl045sTmbGtnjHXBaSa7914sw9Yllm2hvywsBdkrMkpluQ0G4z33mNPZaMegsCsXVw3CXm16eDpgI7fiVpbL_p_Ehs_-ao5-C-Istuy131vgKJGoUFvd1dDn44ZyB8-CMwfTdnmoYG-qAtkXgKDqUI1-Tcq-OeCyBHot2p_3OK_B-0liNra1XNKtIdzaIAzuUx_ndVyXqHJ2y-bRPx7HlpYepnhw3tXqWGc_yn73wljbhJIU3kjNxMQxJnMHOqgW0fRKyfPFN4wNAuKJXL8ls6urprCEEgjgF0RzVoY_6xtlQjQMMNa2gjJuDzUwokI8-9qoT91ZFJLSDze7bqesevvrwnMxxgv33uhZeS1F9wQLm8QKmXwoiwf_njF_A-Z3Lf_QT5c5H0FdhHLXCjwYxKnPMaNhS6Ea8NP5F5wIqFGXqDxprj_12IxVYa7HdefauAjPbgTtMa3BsA_roLkSz24hVlrCnV53IVsNpRUbzybofkc&cid=CAQSMgDICaaNCDMKidC2Aj-fZtjbkZtZfF_9rFPwR905OBaONsrqAl0R3EZmqWA1unV3RrVmGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ds=l&xdt=0&iif=1&cor=3993585410156544000&adk=1839432766&idt=170&cac=0&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
4bc67d3396eab04f5d1e931521f356c45d04196a9fdda1f253885c0e8d3e6865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38331
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBA5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2656338821841&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBA5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2656338821841&version=m202309260101&ct=76&x=67&cor=14338342613480649000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DBA5 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBr987mDOxIFpT4DYYY89qoWGDKJR6b68e5ryh-TVt2eK_DUFDbiDxag-v27EyGHm8JbZWXLZzteAxqA2cJ5o6uCyidVls-IYf7s9qgFX9OBe69QNxq7xslXo42pAPf9QLW2cqLLqFwzNAX6lbG8lg7l5T1-XSA-cL9JnYdGuLCVZ6u5E&dbm_d=AKAmf-DLC3bOpobBmd2dCiHSEKlrG9gPPUDtZonM4E0G6hruCTJMx-_FXN0EcHOjaaGtf4W-rEE6gGJbZdh0rrF9DuGrzsax3_FHbInXvBOPj84V1a0u7XAkPqwwkwIf78DxmAIihjym3SEslhfnjZlSBmWfQqdFr4QdAFksU-1k4l99AFzyaQtLglxErKgwjSJ9puEHM-Dp-TVZ0rb5KusiAmETGc-fcI4ONdY8ngEf9r9NM1oOYVgPJQh5nBcccyD3PlLYonKMYrqTHaCT1EvQeISiEYAB8A2FPu0SOJYAi3T3sqq6E7exqrFgtLzCLc_tKhy7_4mqhdwyjZiwJRLLkGTwrZQCBSB_m22jCn5luXDsi06Nmg_ehD-KAcpPwmfLjbP5tZscV4D-EU8Bd55Nhi0jjJCp1Bfpf3Wt_V1OadetotkORQIFs_XVCFjBqvbutt1DPmDPFpztEin0CCYs5qiYTdjTnfu6uee9QjiDcaqAoVh1FETYiHj67wXJRs9kNGe3Y0M941QPrryuPKKn75IAyD4Vz1guPvs0APrsvzcbmSoCMmHAZBFfQ9ZRDF6vPxUR_XjOyVtLUozxBqlhRRCjf_sUT1LPeo93HacicbBrA_aQYRErjauq2vNsMfBPAVHKaKevTT2s70UI6uNCFMQyKZ9RO7K3-uqKkVI7DeovI-ykSwmWutL-PMl9giB0_SiPTDXGuybvefO0bEH1kGcQBsZPR6L5FO2QFCFiJX1tgR5WbgSj5IKCchn5liE7ixDrtVylTEMi4gWV7iepcAllDj2_BqpNz1lbGLTZcpZ7PWua2pbE0D1ateyA8vHrqnXBTjc6Fz9GZbzz5LlQ3fvLZta3AcRX8jjP75JVFRnupDy9lg-2LhCShxFhouNkbvjR87MZeumVvb8VRlESINQpne3jHozLpPMPmmpF8IPShlDceoRqS_zijBW3wXyDf9hWaXUtlTmw4_J1WJBNoyop137Qn0KgHmXoE4ye6x7yaWmgrr5i58Q0H8GA_pk3jvcfFSJFUxCjv86Zzn51gotZFM0w4tUHRaUk9FH0F6X15OlsSGV0AyWW2cOhTNrTF1mr3G6m3stKqS2_I8Mr7Hw8757ihySCUx34dX18PeMCi1zOgCgigBR-5QE9QoLK02_Ug-DtKJ5f-dy76FrDH0kgBdiiKOQu-zGVGaCui5l4Wo7P-_ctZfi5STXw5geM3RquW8uoN5FmlQgmf7wdjQ0cZ_oI18MCS3yfv-ntmgJZMISTyu2zekmkdNwB4XChxL2kQRGApt8bG1vzM144bUtSs794HB8dhQ5KSy9xa62z5l4E4p116rvzDonWlfSeEQ5qx4Z4EcVsW1O30nz0Aa3Smd4yLhmwDC3mtO1xaOgMDBQT7pcorbKQvWagDMZ28z5fYPD8y5MC-P3KKyZmN22eRPzDPdnF6P8WPAcAKfRody7zGHX-4pKfSfnk7Ubq3oqy-6WC2qMFNyHOxzXq2jOPSLr03bDHGLeU3wRs4_BepKLZHk8NfLShz35zN5nA8afvs4TNc4KbE8oc0eVP3OjcZSywjsH5QfnoGJEb_vluYHN2Hyi4LRHbkac92iPp_UxtQXeIfYHinq1NwUWTmlQ32-Jirod6upmGVZJ03AddWX4Wb61R1QvLlxl55XMTocbCJ_72lxsYtodca9QAEGNp1ZodLRBgNAoY9GMsj7q_eGONAXvJfvTGcTC0qnhR9bI6fskGhQwmQXArhzhemA3Na5t12Cdf-NrvtBpfl2DtpN6Jqhr4nJzXSFapCwvBJPqbT4JfzfB8aA88Q4frKV8mzzmi7zM0Ub7T4kzczva1g8W_C4gknlHbSoa8WG4zaov_0dPvS-PK5mwp2B0so8-cnMIlTLF_mI9BOR_Ks9J6Wr-LXCGuRn-f1JuLDJOd2Edxzr_N7tOMC7CEBxzpfp0lAO1XUzG6myEP1LIaA_VC6IfBWRas5FZoIyGEt2lU3XFLGo8imlwRG0GjR7R58cI91e74kICNkm7TuzxpCnZ5qigZgjnWobCcY5Abq5jVLy8p9b3j8bJ6YV7meyRkaD6fh2s2Jy63VFp8CG6H8fHgtdy_VXVIRgvP3k7FWkyG60k2W5Frq2alecmzHdZpRNjFwULflxRR76tt3p08_1gBG5fSZDyioZYw5_-OqPtjXTt6AOIyMT6SN59FFvexuDio0eX2oDcz_LFVIvsAVy_4gh1Wl4j_L6oxjq2WuC_aWTGwlpsnWVCkNFKJoYnWev45IRamNhY_n7p9fFQx6C8-E3cAwkfVIVWTIROpx5iR44fVcxy2gDb2VGri35sT_uF6s19PX7KPO03kgJ9pecnQmMYJsgtD-cjh8pZ8Kncb3RA9ZaParEdXXb0FLjtQMNtj2HI4JCktNTud42VfVzjG5UflpEPujk1BhrRReP-4x89LWesVckxjma_155fJp6eR0zW3pE0WNhKQ9PQkPbB9Q79vYoSkfqga6vR6wRUlhOkG-Mnk8KeLpRVRNXFf4ca-1Dtj1iS7kGs1P7NgoBW9uzxYZ1x7LiHNU2d--pr_yOGnaJpZWGZqdkS-8JsUld_WDSMnXSOCkd_B5xYPmIUiHlHaGN2gcy1CmNp7hHlBEuZHyi7N20l_1D-4T8KxTQCHB5V1AzR1lh28P7cY4qbm3QCG--vPEXjvgw2H3Zy6wZ069fPFxF8W5OCvoAyDUP8y3sZKLqK3SR8fCgljJrpoWHGSpFo2iR2aaoe_jQ2KPqG_Sp_SiEQzwIU9AtgrA3pPv5lTNV7yHU3nxMK_PoKRLVhnWLOXYLAnKxxFh8nAYeQDr0nFcfCgg9I5sx76ycoa9-azWkfYpNwz6J6cjlpmj3EZSR4JucIby4l47hIe65wwFH9eQES-hkGNjvVy5g8vDCisGVNk5vnjo31NTL5l7zLnJdwEtqmYAC8Bx3JGOOEIj1J6viiq9IY92OJ6jXvgBXMBmHQmDozkifP9a3z545MqQ4SuMjCyKTCiA6wr-e_Yc9v2DC_08X-DcIlB281TFIgJFDMyb52lvZPUlQ5dBr08_TrfSbB4M-PuF1A6iHJpH_cFoLvcclyhYXd2zlg6Be1-NNwgbg1uLA_gICqPdG5qnHtnytQOyl4LuRVX4myL8CE5DSRPed2xBJ8nH_tsfZyNqg7_dxyI1XQETWGKXgdzG5LCgMNX8fDMOY_C5ClytiRvBgqVr2YgiI7NtKydqVWStyaD2eUcEh9Sj2Dlujcm408CHf3R_Dnnh7g_a_N9uii_Q_0LuOkGuulOycpmu66NdufRZZl8QQWD9M3LYUv6IzaKEMaDJFq84iNxrd-71WT_aGzBmC174nx0lfIUK8V1SXRQKHRy0dASwm9SAlDCYwXVd0KEVsWm0ATJUw9VXEuWrmqLpcJicvrd5rg-xj06Dz9gFdzVb4i-jiKklPx7QpMFhthtKXN7FelomlOgZD3eZoMBCzhxpnaN7MgkYislnSp9QniG9vZacJ2ll5-UU-iuxt1u6wkXPear8OR8daUIu51FDj6X5OPljn7-CjDk-V-hiC6LXmrhvGZAlBgjrYz_-JANbaZk3Q2zSkXQ7HJFHi1GYTIt8YsqHyiAM8ydjzLWbuBrV22ezCqh8yaCA31n49ud6yclmz_sx57cDEvU&pr=67%3A0.094923&cid=CAQSMgDICaaNSOOdQMG2n28OY5z5STdLp4E5pjDIhYYQghDPfonnx5ub4xa13uP9-RXQg2dkGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ds=l&xdt=0&iif=1&cor=14338342613480649000&adk=2330389860&idt=150&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e738d6a7bb359fe3c36cf7f34b1701ac10e21f5b8df7a1db4b4448a71c1a818e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39092
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
capi.connatix.com/core/ Frame 722B 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/368057/402.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596d0697f7fe2fee2638e31704feed4271c6f50ee35313e63fb6cad33852ce94

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 01 Nov 2023 21:30:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
81f73d5aae600221-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
pls
capi.connatix.com/core/ Frame 722B 		20 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=368057&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9535891aa33ecb83b7bc32deb9995f2d7408df3ec66a111c1faaf10f354056c

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 01 Nov 2023 21:30:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
81f73d5abe840221-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame CCE8 		0
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame CCE8 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8qkrt4ZzlYwb9SJoXvEyGJ3-GS0pWbzAX1mFV7_55n4Z1vln9Z3ZB6FZA4UT0WEYk_RDzvrsj7M46Uv6y03xrjaZ3rDrkSZYE_bDv0PORLGSERk4At8RrFH3Yy5DHz2F_FQVTYuY1u9llUjV79CTD-9FCPXGtoA2ITUGO6GiLHunRKtJmbT3TUYjB8tsfl6q8VhzeHR6dMKzEzyLvNFGhPFj93Q&dbm_d=AKAmf-CBEV0ONRjgOV352-jHHkPZQvTh3dn2lTutA5sd3q_cmhwt0899J6hel9EvfLas9IdNDNGN_YT8mp4yfPGxFy7oGgIDszhDt-fLSlKiUGrTPLFbf7vNpo3unq3_9DE5zxY7mm9JWubR5JO4SLGihi_i386nZIHh_vGeuo-z2lN67TGH-Rs3sFEcMSWyWYeox2pwSYOMHX7Sxdv03e0ro8hlQdSUpn-OReKYDURSPJsV2GaVHbUlDL-bhq40SjhmVZ_UtjTgUOdJfV9URMNzJdFkP4eLefi3PoPWN234we8HV3P2UCXc8Cq4na6M9cx73AasTdCBlQySA3zkoX6JyFKk3nViFjQZsV1uDEQLSiuGskF36JrzUgMvV2x9EXV_F-0wLo99lyRWjEzZ-4th0k-22K1lYhVJWv5tBOQjZk4wWGKrcEi2r6u8gpI6BlMSwSICm7eOc7O4XACgpTPEtFN6umwLQG-JGsKn-jP_iYCe4mn3hvNfn7b4gYV_cMNsWuv2VbMSIt2CzT7sgzQeI6DtSTD_OJzAKCyKHbBtc0dk_9eo-RK2brTbVVZ30dSK_QKdmRYq7bjhWSqfptKNr6h0hHBRFvF06q0QpK09y7w6_bp6FMTCtAcIQNCXW2DPv0_-IhFgVWd2BgM1xx9QeQNnCVSy2MInq99Rd8O0AIMTDnwPhOfFIK0blhFjQwt2PZ2BW4-E6PNthllGfc2KEqWubciLdFoMCKlz7UHt-xljj0-K0sHFWrTyPb07W_kxAvvSO8OfBZQstbkF_l7-cUTmYS14VUgOF-3JkE-aTGoTgSIus8-w1paP9_ekagVmqci-OWcOLauR286bNCUgl1ZNIlXafjKkbx3hN7csE0SzyrkMOoTJgDNRGO8BjPSgMnmSiuBjTWXWBU5jmIMgMAVg_pPcOo-YVD-C2hA7lVqaTvtgr3WM4TUObqLsPR7zKEgH-ETk37TRu_r_HCA6kEXopXBtaO5LOl14ZBM1P_g2PFMeYdMF0jVG25auVsccc3e5BXXFMc9jD2LtsxF0lsc82agM4V4EsOrwY6ebnEP7TXSpV-DoEZo1iLqGMje_nS-2dm71PVA2lVn9qL7l5o_Mr3OPWZuZLjnaU7Zg3EKokUMyG4cs_hiABtVkBBX1vJpZ1xcZXE0B9vPtZxmN1MVa9rHzMHxSzm7hDo6CIWQ4mnJIJZbkIHyHYjLS_whiOGNUaPHg3Geu4QylVlj0xJMIuIIbOo5Ocv7rAZGhYlLhSSW1he1EoidiUMXcrt0UpyjsNyQmPebpAbNhswQiYEE_R47DHVwUbzsJbT7EjT_18_33ThzHJaEVec0ZBFK3GrrTMFWviqGKBR9n_QnWZtar7HWtCX7vx3QGv_C2lzZ2Hny7dUrAWXIuXvKYTJdh4CSdAPRSdGTv1fVrLj19fBfDpjgeZE5fpwauv4QyBe7oCgab_lXPccm_PkPSniFvX7oAUyCDNU8kZSH7DO0VjQO8xJKT4BDTNrmHOOlSpgYRyp4TeIntB148AeYG8IXSSVx_RX5Xu9F3YU3j119siOXDt3LQU4Dln0TDW5isgL4D9mVb05ZA_kckIZDv9mnhoXCAS21vz3ReADmdzgp8TdOU9haOsjMQNRUYP4D1ZzNuJYK8SisF4w8_BfJf_6_r2fo4v2T4O0WnjoFMb-7625dM-C9-jgOz31VjJ95fZtL4fUeCQSx-pU51r-ySgxNsX4tGjshLgGt16Bn4OknqU4ojXMlKkQcD0OoFrjjc5FnS56Nnw8Qv5mmS090QFWVfZ-GEZWFd6O61XHJX7d9U-4MQNc31uKKVglYCt6x1v4mEfDze_jXftqx30ICRIPVSgyvT7hLZ-g2Q877uHvsjzq65lCrHtInCAdsfAYc1T-jo6aEWxF5fGnEi0YYH2Q3Rk9truo_9__gKweBAF9qxC7V-P8kBtOiLgNtj61WGIIh8N13Ew3BR8rLCy71Nq5vc2KqYg8rNpN2KgytTGfY91xFw6kUwaMl4HVy0LHGcrZGipe7jXzV9ETTsf_hOjF1HExtms_YNuvM9LpXI6Mbj9RfmdhSC0pM4oyu316iHUSMDxapfqj9H6DWzqG22LRvELtTlcVxgmYSczyLBOhGnltf5wcwCJ-txlTAZDuXVwZeNHOwsJ3ySVAMNzjI66bZxhJmguVMfN4eobXK526t2nIpuWIMLPK-rBepYz5ovl8LHA9wqb-2cM7Kb5Zq-aLiBOtl--yEFLG9ctqZh3E9mK68472rNT7_xFo14AL2Brtv3wFE2GRUI5wKI0t1CkrE4r4wnfMLb8G0MBA1STYdveeEyteFQ2X4I2DZp8OP3r_IwnVoo8qdsZN5KiZiyzUIvW_5nn4C-anRkj7zKgen-PACi9oxAqbl1LKOLyoAo8DinRkJ0cS7-UpgtFr6qPab-TZS9E-u-lVATz_E-4Tmci1bzNzBOa-cFN6HmS0FoKSuQEQdOJ6f-obkoLs1Nn7EiZgItxgyHqqlnf2f7aZ7-pxyAJD-BaHuIXq5wN-iYOgyy-303-QONW6eQKqk1iA5F1fAlryx-pPoWuwlt4pr6iZUgmopBjLS4ceZR0gsbZcEoJdOkDKZxhTikvPGrlGRhDcQUCtoGLdRfMugu0uJyJk5nEQhQ9DlWKJZ7FOmkFiMKjfNJP9EJFplCjen79xzcz8li1Dw12Q9-E_L1Q4F6vepXaa92__dHkj9c_WcA2hTUlYn0QsQjUy27oKB6J7csCYWUfLqoy2FflmgyG7edA32R8nnCF3o8JW6zAZs4RU-Rwstz3kUGbVIw6fDRRg1ZpXrDLsJwNpwtSdPxilTWD9s2f_nvbunL5aUnWewy9QCDRMjTh_TeXCQQJn3R8nuye6Mfch8IrFvpMQmkX6vO0FMl_MKjfRhDmGxCCoPCRXfrjr5Cc33rb9q-Dj7zrKQ9EQNcv8uWrHN5ntfQQce-hoRTpWbJNz-zLCLRmnBKLbYka_GATCIbW3hkz_8VAeW5UtQMpo39PLtvbU9XvkTcF5IvLUoZq__o_ABH7SoqgUiENL-boJYZFhkMvH9ZZ4oUEjdA7ZYeQnnrPl-N--uxOGjDIh69Shj75ISdiBbIa5QE9YysmrEixCYP9MLicSIZECB3ZRt0fisGsj1FLDcGazJ6zniBzKGpFFMz7lsLdO1HiTs1mwNUvT30ntUbRauWKU2M1H0k_z1Ez8f9DvEzg-gLWm4HLMjX07Kz9Nw3Ae5RGjBNudnLsha0TnlJLVqNxsvH98juzVTW7N1X8qsMYkWPI8LrjpV4lD4wfpbn0-clVLwq2YvBMCZbteNOeJe-S1KSgl045sTmbGtnjHXBaSa7914sw9Yllm2hvywsBdkrMkpluQ0G4z33mNPZaMegsCsXVw3CXm16eDpgI7fiVpbL_p_Ehs_-ao5-C-Istuy131vgKJGoUFvd1dDn44ZyB8-CMwfTdnmoYG-qAtkXgKDqUI1-Tcq-OeCyBHot2p_3OK_B-0liNra1XNKtIdzaIAzuUx_ndVyXqHJ2y-bRPx7HlpYepnhw3tXqWGc_yn73wljbhJIU3kjNxMQxJnMHOqgW0fRKyfPFN4wNAuKJXL8ls6urprCEEgjgF0RzVoY_6xtlQjQMMNa2gjJuDzUwokI8-9qoT91ZFJLSDze7bqesevvrwnMxxgv33uhZeS1F9wQLm8QKmXwoiwf_njF_A-Z3Lf_QT5c5H0FdhHLXCjwYxKnPMaNhS6Ea8NP5F5wIqFGXqDxprj_12IxVYa7HdefauAjPbgTtMa3BsA_roLkSz24hVlrCnV53IVsNpRUbzybofkc&cid=CAQSMgDICaaNCDMKidC2Aj-fZtjbkZtZfF_9rFPwR905OBaONsrqAl0R3EZmqWA1unV3RrVmGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ds=l&xdt=0&iif=1&cor=3993585410156544000&adk=1839432766&idt=170&cac=0&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 13:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
28576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 13:34:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame CCE8 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8qkrt4ZzlYwb9SJoXvEyGJ3-GS0pWbzAX1mFV7_55n4Z1vln9Z3ZB6FZA4UT0WEYk_RDzvrsj7M46Uv6y03xrjaZ3rDrkSZYE_bDv0PORLGSERk4At8RrFH3Yy5DHz2F_FQVTYuY1u9llUjV79CTD-9FCPXGtoA2ITUGO6GiLHunRKtJmbT3TUYjB8tsfl6q8VhzeHR6dMKzEzyLvNFGhPFj93Q&dbm_d=AKAmf-CBEV0ONRjgOV352-jHHkPZQvTh3dn2lTutA5sd3q_cmhwt0899J6hel9EvfLas9IdNDNGN_YT8mp4yfPGxFy7oGgIDszhDt-fLSlKiUGrTPLFbf7vNpo3unq3_9DE5zxY7mm9JWubR5JO4SLGihi_i386nZIHh_vGeuo-z2lN67TGH-Rs3sFEcMSWyWYeox2pwSYOMHX7Sxdv03e0ro8hlQdSUpn-OReKYDURSPJsV2GaVHbUlDL-bhq40SjhmVZ_UtjTgUOdJfV9URMNzJdFkP4eLefi3PoPWN234we8HV3P2UCXc8Cq4na6M9cx73AasTdCBlQySA3zkoX6JyFKk3nViFjQZsV1uDEQLSiuGskF36JrzUgMvV2x9EXV_F-0wLo99lyRWjEzZ-4th0k-22K1lYhVJWv5tBOQjZk4wWGKrcEi2r6u8gpI6BlMSwSICm7eOc7O4XACgpTPEtFN6umwLQG-JGsKn-jP_iYCe4mn3hvNfn7b4gYV_cMNsWuv2VbMSIt2CzT7sgzQeI6DtSTD_OJzAKCyKHbBtc0dk_9eo-RK2brTbVVZ30dSK_QKdmRYq7bjhWSqfptKNr6h0hHBRFvF06q0QpK09y7w6_bp6FMTCtAcIQNCXW2DPv0_-IhFgVWd2BgM1xx9QeQNnCVSy2MInq99Rd8O0AIMTDnwPhOfFIK0blhFjQwt2PZ2BW4-E6PNthllGfc2KEqWubciLdFoMCKlz7UHt-xljj0-K0sHFWrTyPb07W_kxAvvSO8OfBZQstbkF_l7-cUTmYS14VUgOF-3JkE-aTGoTgSIus8-w1paP9_ekagVmqci-OWcOLauR286bNCUgl1ZNIlXafjKkbx3hN7csE0SzyrkMOoTJgDNRGO8BjPSgMnmSiuBjTWXWBU5jmIMgMAVg_pPcOo-YVD-C2hA7lVqaTvtgr3WM4TUObqLsPR7zKEgH-ETk37TRu_r_HCA6kEXopXBtaO5LOl14ZBM1P_g2PFMeYdMF0jVG25auVsccc3e5BXXFMc9jD2LtsxF0lsc82agM4V4EsOrwY6ebnEP7TXSpV-DoEZo1iLqGMje_nS-2dm71PVA2lVn9qL7l5o_Mr3OPWZuZLjnaU7Zg3EKokUMyG4cs_hiABtVkBBX1vJpZ1xcZXE0B9vPtZxmN1MVa9rHzMHxSzm7hDo6CIWQ4mnJIJZbkIHyHYjLS_whiOGNUaPHg3Geu4QylVlj0xJMIuIIbOo5Ocv7rAZGhYlLhSSW1he1EoidiUMXcrt0UpyjsNyQmPebpAbNhswQiYEE_R47DHVwUbzsJbT7EjT_18_33ThzHJaEVec0ZBFK3GrrTMFWviqGKBR9n_QnWZtar7HWtCX7vx3QGv_C2lzZ2Hny7dUrAWXIuXvKYTJdh4CSdAPRSdGTv1fVrLj19fBfDpjgeZE5fpwauv4QyBe7oCgab_lXPccm_PkPSniFvX7oAUyCDNU8kZSH7DO0VjQO8xJKT4BDTNrmHOOlSpgYRyp4TeIntB148AeYG8IXSSVx_RX5Xu9F3YU3j119siOXDt3LQU4Dln0TDW5isgL4D9mVb05ZA_kckIZDv9mnhoXCAS21vz3ReADmdzgp8TdOU9haOsjMQNRUYP4D1ZzNuJYK8SisF4w8_BfJf_6_r2fo4v2T4O0WnjoFMb-7625dM-C9-jgOz31VjJ95fZtL4fUeCQSx-pU51r-ySgxNsX4tGjshLgGt16Bn4OknqU4ojXMlKkQcD0OoFrjjc5FnS56Nnw8Qv5mmS090QFWVfZ-GEZWFd6O61XHJX7d9U-4MQNc31uKKVglYCt6x1v4mEfDze_jXftqx30ICRIPVSgyvT7hLZ-g2Q877uHvsjzq65lCrHtInCAdsfAYc1T-jo6aEWxF5fGnEi0YYH2Q3Rk9truo_9__gKweBAF9qxC7V-P8kBtOiLgNtj61WGIIh8N13Ew3BR8rLCy71Nq5vc2KqYg8rNpN2KgytTGfY91xFw6kUwaMl4HVy0LHGcrZGipe7jXzV9ETTsf_hOjF1HExtms_YNuvM9LpXI6Mbj9RfmdhSC0pM4oyu316iHUSMDxapfqj9H6DWzqG22LRvELtTlcVxgmYSczyLBOhGnltf5wcwCJ-txlTAZDuXVwZeNHOwsJ3ySVAMNzjI66bZxhJmguVMfN4eobXK526t2nIpuWIMLPK-rBepYz5ovl8LHA9wqb-2cM7Kb5Zq-aLiBOtl--yEFLG9ctqZh3E9mK68472rNT7_xFo14AL2Brtv3wFE2GRUI5wKI0t1CkrE4r4wnfMLb8G0MBA1STYdveeEyteFQ2X4I2DZp8OP3r_IwnVoo8qdsZN5KiZiyzUIvW_5nn4C-anRkj7zKgen-PACi9oxAqbl1LKOLyoAo8DinRkJ0cS7-UpgtFr6qPab-TZS9E-u-lVATz_E-4Tmci1bzNzBOa-cFN6HmS0FoKSuQEQdOJ6f-obkoLs1Nn7EiZgItxgyHqqlnf2f7aZ7-pxyAJD-BaHuIXq5wN-iYOgyy-303-QONW6eQKqk1iA5F1fAlryx-pPoWuwlt4pr6iZUgmopBjLS4ceZR0gsbZcEoJdOkDKZxhTikvPGrlGRhDcQUCtoGLdRfMugu0uJyJk5nEQhQ9DlWKJZ7FOmkFiMKjfNJP9EJFplCjen79xzcz8li1Dw12Q9-E_L1Q4F6vepXaa92__dHkj9c_WcA2hTUlYn0QsQjUy27oKB6J7csCYWUfLqoy2FflmgyG7edA32R8nnCF3o8JW6zAZs4RU-Rwstz3kUGbVIw6fDRRg1ZpXrDLsJwNpwtSdPxilTWD9s2f_nvbunL5aUnWewy9QCDRMjTh_TeXCQQJn3R8nuye6Mfch8IrFvpMQmkX6vO0FMl_MKjfRhDmGxCCoPCRXfrjr5Cc33rb9q-Dj7zrKQ9EQNcv8uWrHN5ntfQQce-hoRTpWbJNz-zLCLRmnBKLbYka_GATCIbW3hkz_8VAeW5UtQMpo39PLtvbU9XvkTcF5IvLUoZq__o_ABH7SoqgUiENL-boJYZFhkMvH9ZZ4oUEjdA7ZYeQnnrPl-N--uxOGjDIh69Shj75ISdiBbIa5QE9YysmrEixCYP9MLicSIZECB3ZRt0fisGsj1FLDcGazJ6zniBzKGpFFMz7lsLdO1HiTs1mwNUvT30ntUbRauWKU2M1H0k_z1Ez8f9DvEzg-gLWm4HLMjX07Kz9Nw3Ae5RGjBNudnLsha0TnlJLVqNxsvH98juzVTW7N1X8qsMYkWPI8LrjpV4lD4wfpbn0-clVLwq2YvBMCZbteNOeJe-S1KSgl045sTmbGtnjHXBaSa7914sw9Yllm2hvywsBdkrMkpluQ0G4z33mNPZaMegsCsXVw3CXm16eDpgI7fiVpbL_p_Ehs_-ao5-C-Istuy131vgKJGoUFvd1dDn44ZyB8-CMwfTdnmoYG-qAtkXgKDqUI1-Tcq-OeCyBHot2p_3OK_B-0liNra1XNKtIdzaIAzuUx_ndVyXqHJ2y-bRPx7HlpYepnhw3tXqWGc_yn73wljbhJIU3kjNxMQxJnMHOqgW0fRKyfPFN4wNAuKJXL8ls6urprCEEgjgF0RzVoY_6xtlQjQMMNa2gjJuDzUwokI8-9qoT91ZFJLSDze7bqesevvrwnMxxgv33uhZeS1F9wQLm8QKmXwoiwf_njF_A-Z3Lf_QT5c5H0FdhHLXCjwYxKnPMaNhS6Ea8NP5F5wIqFGXqDxprj_12IxVYa7HdefauAjPbgTtMa3BsA_roLkSz24hVlrCnV53IVsNpRUbzybofkc&cid=CAQSMgDICaaNCDMKidC2Aj-fZtjbkZtZfF_9rFPwR905OBaONsrqAl0R3EZmqWA1unV3RrVmGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ds=l&xdt=0&iif=1&cor=3993585410156544000&adk=1839432766&idt=170&cac=0&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 13:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
28546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11597
x-xss-protection
0
server
cafe
etag
8023538936332676572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 13:34:48 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame CCE8 		0
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame DBA5 		0
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame DBA5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBr987mDOxIFpT4DYYY89qoWGDKJR6b68e5ryh-TVt2eK_DUFDbiDxag-v27EyGHm8JbZWXLZzteAxqA2cJ5o6uCyidVls-IYf7s9qgFX9OBe69QNxq7xslXo42pAPf9QLW2cqLLqFwzNAX6lbG8lg7l5T1-XSA-cL9JnYdGuLCVZ6u5E&dbm_d=AKAmf-DLC3bOpobBmd2dCiHSEKlrG9gPPUDtZonM4E0G6hruCTJMx-_FXN0EcHOjaaGtf4W-rEE6gGJbZdh0rrF9DuGrzsax3_FHbInXvBOPj84V1a0u7XAkPqwwkwIf78DxmAIihjym3SEslhfnjZlSBmWfQqdFr4QdAFksU-1k4l99AFzyaQtLglxErKgwjSJ9puEHM-Dp-TVZ0rb5KusiAmETGc-fcI4ONdY8ngEf9r9NM1oOYVgPJQh5nBcccyD3PlLYonKMYrqTHaCT1EvQeISiEYAB8A2FPu0SOJYAi3T3sqq6E7exqrFgtLzCLc_tKhy7_4mqhdwyjZiwJRLLkGTwrZQCBSB_m22jCn5luXDsi06Nmg_ehD-KAcpPwmfLjbP5tZscV4D-EU8Bd55Nhi0jjJCp1Bfpf3Wt_V1OadetotkORQIFs_XVCFjBqvbutt1DPmDPFpztEin0CCYs5qiYTdjTnfu6uee9QjiDcaqAoVh1FETYiHj67wXJRs9kNGe3Y0M941QPrryuPKKn75IAyD4Vz1guPvs0APrsvzcbmSoCMmHAZBFfQ9ZRDF6vPxUR_XjOyVtLUozxBqlhRRCjf_sUT1LPeo93HacicbBrA_aQYRErjauq2vNsMfBPAVHKaKevTT2s70UI6uNCFMQyKZ9RO7K3-uqKkVI7DeovI-ykSwmWutL-PMl9giB0_SiPTDXGuybvefO0bEH1kGcQBsZPR6L5FO2QFCFiJX1tgR5WbgSj5IKCchn5liE7ixDrtVylTEMi4gWV7iepcAllDj2_BqpNz1lbGLTZcpZ7PWua2pbE0D1ateyA8vHrqnXBTjc6Fz9GZbzz5LlQ3fvLZta3AcRX8jjP75JVFRnupDy9lg-2LhCShxFhouNkbvjR87MZeumVvb8VRlESINQpne3jHozLpPMPmmpF8IPShlDceoRqS_zijBW3wXyDf9hWaXUtlTmw4_J1WJBNoyop137Qn0KgHmXoE4ye6x7yaWmgrr5i58Q0H8GA_pk3jvcfFSJFUxCjv86Zzn51gotZFM0w4tUHRaUk9FH0F6X15OlsSGV0AyWW2cOhTNrTF1mr3G6m3stKqS2_I8Mr7Hw8757ihySCUx34dX18PeMCi1zOgCgigBR-5QE9QoLK02_Ug-DtKJ5f-dy76FrDH0kgBdiiKOQu-zGVGaCui5l4Wo7P-_ctZfi5STXw5geM3RquW8uoN5FmlQgmf7wdjQ0cZ_oI18MCS3yfv-ntmgJZMISTyu2zekmkdNwB4XChxL2kQRGApt8bG1vzM144bUtSs794HB8dhQ5KSy9xa62z5l4E4p116rvzDonWlfSeEQ5qx4Z4EcVsW1O30nz0Aa3Smd4yLhmwDC3mtO1xaOgMDBQT7pcorbKQvWagDMZ28z5fYPD8y5MC-P3KKyZmN22eRPzDPdnF6P8WPAcAKfRody7zGHX-4pKfSfnk7Ubq3oqy-6WC2qMFNyHOxzXq2jOPSLr03bDHGLeU3wRs4_BepKLZHk8NfLShz35zN5nA8afvs4TNc4KbE8oc0eVP3OjcZSywjsH5QfnoGJEb_vluYHN2Hyi4LRHbkac92iPp_UxtQXeIfYHinq1NwUWTmlQ32-Jirod6upmGVZJ03AddWX4Wb61R1QvLlxl55XMTocbCJ_72lxsYtodca9QAEGNp1ZodLRBgNAoY9GMsj7q_eGONAXvJfvTGcTC0qnhR9bI6fskGhQwmQXArhzhemA3Na5t12Cdf-NrvtBpfl2DtpN6Jqhr4nJzXSFapCwvBJPqbT4JfzfB8aA88Q4frKV8mzzmi7zM0Ub7T4kzczva1g8W_C4gknlHbSoa8WG4zaov_0dPvS-PK5mwp2B0so8-cnMIlTLF_mI9BOR_Ks9J6Wr-LXCGuRn-f1JuLDJOd2Edxzr_N7tOMC7CEBxzpfp0lAO1XUzG6myEP1LIaA_VC6IfBWRas5FZoIyGEt2lU3XFLGo8imlwRG0GjR7R58cI91e74kICNkm7TuzxpCnZ5qigZgjnWobCcY5Abq5jVLy8p9b3j8bJ6YV7meyRkaD6fh2s2Jy63VFp8CG6H8fHgtdy_VXVIRgvP3k7FWkyG60k2W5Frq2alecmzHdZpRNjFwULflxRR76tt3p08_1gBG5fSZDyioZYw5_-OqPtjXTt6AOIyMT6SN59FFvexuDio0eX2oDcz_LFVIvsAVy_4gh1Wl4j_L6oxjq2WuC_aWTGwlpsnWVCkNFKJoYnWev45IRamNhY_n7p9fFQx6C8-E3cAwkfVIVWTIROpx5iR44fVcxy2gDb2VGri35sT_uF6s19PX7KPO03kgJ9pecnQmMYJsgtD-cjh8pZ8Kncb3RA9ZaParEdXXb0FLjtQMNtj2HI4JCktNTud42VfVzjG5UflpEPujk1BhrRReP-4x89LWesVckxjma_155fJp6eR0zW3pE0WNhKQ9PQkPbB9Q79vYoSkfqga6vR6wRUlhOkG-Mnk8KeLpRVRNXFf4ca-1Dtj1iS7kGs1P7NgoBW9uzxYZ1x7LiHNU2d--pr_yOGnaJpZWGZqdkS-8JsUld_WDSMnXSOCkd_B5xYPmIUiHlHaGN2gcy1CmNp7hHlBEuZHyi7N20l_1D-4T8KxTQCHB5V1AzR1lh28P7cY4qbm3QCG--vPEXjvgw2H3Zy6wZ069fPFxF8W5OCvoAyDUP8y3sZKLqK3SR8fCgljJrpoWHGSpFo2iR2aaoe_jQ2KPqG_Sp_SiEQzwIU9AtgrA3pPv5lTNV7yHU3nxMK_PoKRLVhnWLOXYLAnKxxFh8nAYeQDr0nFcfCgg9I5sx76ycoa9-azWkfYpNwz6J6cjlpmj3EZSR4JucIby4l47hIe65wwFH9eQES-hkGNjvVy5g8vDCisGVNk5vnjo31NTL5l7zLnJdwEtqmYAC8Bx3JGOOEIj1J6viiq9IY92OJ6jXvgBXMBmHQmDozkifP9a3z545MqQ4SuMjCyKTCiA6wr-e_Yc9v2DC_08X-DcIlB281TFIgJFDMyb52lvZPUlQ5dBr08_TrfSbB4M-PuF1A6iHJpH_cFoLvcclyhYXd2zlg6Be1-NNwgbg1uLA_gICqPdG5qnHtnytQOyl4LuRVX4myL8CE5DSRPed2xBJ8nH_tsfZyNqg7_dxyI1XQETWGKXgdzG5LCgMNX8fDMOY_C5ClytiRvBgqVr2YgiI7NtKydqVWStyaD2eUcEh9Sj2Dlujcm408CHf3R_Dnnh7g_a_N9uii_Q_0LuOkGuulOycpmu66NdufRZZl8QQWD9M3LYUv6IzaKEMaDJFq84iNxrd-71WT_aGzBmC174nx0lfIUK8V1SXRQKHRy0dASwm9SAlDCYwXVd0KEVsWm0ATJUw9VXEuWrmqLpcJicvrd5rg-xj06Dz9gFdzVb4i-jiKklPx7QpMFhthtKXN7FelomlOgZD3eZoMBCzhxpnaN7MgkYislnSp9QniG9vZacJ2ll5-UU-iuxt1u6wkXPear8OR8daUIu51FDj6X5OPljn7-CjDk-V-hiC6LXmrhvGZAlBgjrYz_-JANbaZk3Q2zSkXQ7HJFHi1GYTIt8YsqHyiAM8ydjzLWbuBrV22ezCqh8yaCA31n49ud6yclmz_sx57cDEvU&pr=67%3A0.094923&cid=CAQSMgDICaaNSOOdQMG2n28OY5z5STdLp4E5pjDIhYYQghDPfonnx5ub4xa13uP9-RXQg2dkGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ds=l&xdt=0&iif=1&cor=14338342613480649000&adk=2330389860&idt=150&cac=0&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 13:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
28576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 13:34:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame DBA5 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBr987mDOxIFpT4DYYY89qoWGDKJR6b68e5ryh-TVt2eK_DUFDbiDxag-v27EyGHm8JbZWXLZzteAxqA2cJ5o6uCyidVls-IYf7s9qgFX9OBe69QNxq7xslXo42pAPf9QLW2cqLLqFwzNAX6lbG8lg7l5T1-XSA-cL9JnYdGuLCVZ6u5E&dbm_d=AKAmf-DLC3bOpobBmd2dCiHSEKlrG9gPPUDtZonM4E0G6hruCTJMx-_FXN0EcHOjaaGtf4W-rEE6gGJbZdh0rrF9DuGrzsax3_FHbInXvBOPj84V1a0u7XAkPqwwkwIf78DxmAIihjym3SEslhfnjZlSBmWfQqdFr4QdAFksU-1k4l99AFzyaQtLglxErKgwjSJ9puEHM-Dp-TVZ0rb5KusiAmETGc-fcI4ONdY8ngEf9r9NM1oOYVgPJQh5nBcccyD3PlLYonKMYrqTHaCT1EvQeISiEYAB8A2FPu0SOJYAi3T3sqq6E7exqrFgtLzCLc_tKhy7_4mqhdwyjZiwJRLLkGTwrZQCBSB_m22jCn5luXDsi06Nmg_ehD-KAcpPwmfLjbP5tZscV4D-EU8Bd55Nhi0jjJCp1Bfpf3Wt_V1OadetotkORQIFs_XVCFjBqvbutt1DPmDPFpztEin0CCYs5qiYTdjTnfu6uee9QjiDcaqAoVh1FETYiHj67wXJRs9kNGe3Y0M941QPrryuPKKn75IAyD4Vz1guPvs0APrsvzcbmSoCMmHAZBFfQ9ZRDF6vPxUR_XjOyVtLUozxBqlhRRCjf_sUT1LPeo93HacicbBrA_aQYRErjauq2vNsMfBPAVHKaKevTT2s70UI6uNCFMQyKZ9RO7K3-uqKkVI7DeovI-ykSwmWutL-PMl9giB0_SiPTDXGuybvefO0bEH1kGcQBsZPR6L5FO2QFCFiJX1tgR5WbgSj5IKCchn5liE7ixDrtVylTEMi4gWV7iepcAllDj2_BqpNz1lbGLTZcpZ7PWua2pbE0D1ateyA8vHrqnXBTjc6Fz9GZbzz5LlQ3fvLZta3AcRX8jjP75JVFRnupDy9lg-2LhCShxFhouNkbvjR87MZeumVvb8VRlESINQpne3jHozLpPMPmmpF8IPShlDceoRqS_zijBW3wXyDf9hWaXUtlTmw4_J1WJBNoyop137Qn0KgHmXoE4ye6x7yaWmgrr5i58Q0H8GA_pk3jvcfFSJFUxCjv86Zzn51gotZFM0w4tUHRaUk9FH0F6X15OlsSGV0AyWW2cOhTNrTF1mr3G6m3stKqS2_I8Mr7Hw8757ihySCUx34dX18PeMCi1zOgCgigBR-5QE9QoLK02_Ug-DtKJ5f-dy76FrDH0kgBdiiKOQu-zGVGaCui5l4Wo7P-_ctZfi5STXw5geM3RquW8uoN5FmlQgmf7wdjQ0cZ_oI18MCS3yfv-ntmgJZMISTyu2zekmkdNwB4XChxL2kQRGApt8bG1vzM144bUtSs794HB8dhQ5KSy9xa62z5l4E4p116rvzDonWlfSeEQ5qx4Z4EcVsW1O30nz0Aa3Smd4yLhmwDC3mtO1xaOgMDBQT7pcorbKQvWagDMZ28z5fYPD8y5MC-P3KKyZmN22eRPzDPdnF6P8WPAcAKfRody7zGHX-4pKfSfnk7Ubq3oqy-6WC2qMFNyHOxzXq2jOPSLr03bDHGLeU3wRs4_BepKLZHk8NfLShz35zN5nA8afvs4TNc4KbE8oc0eVP3OjcZSywjsH5QfnoGJEb_vluYHN2Hyi4LRHbkac92iPp_UxtQXeIfYHinq1NwUWTmlQ32-Jirod6upmGVZJ03AddWX4Wb61R1QvLlxl55XMTocbCJ_72lxsYtodca9QAEGNp1ZodLRBgNAoY9GMsj7q_eGONAXvJfvTGcTC0qnhR9bI6fskGhQwmQXArhzhemA3Na5t12Cdf-NrvtBpfl2DtpN6Jqhr4nJzXSFapCwvBJPqbT4JfzfB8aA88Q4frKV8mzzmi7zM0Ub7T4kzczva1g8W_C4gknlHbSoa8WG4zaov_0dPvS-PK5mwp2B0so8-cnMIlTLF_mI9BOR_Ks9J6Wr-LXCGuRn-f1JuLDJOd2Edxzr_N7tOMC7CEBxzpfp0lAO1XUzG6myEP1LIaA_VC6IfBWRas5FZoIyGEt2lU3XFLGo8imlwRG0GjR7R58cI91e74kICNkm7TuzxpCnZ5qigZgjnWobCcY5Abq5jVLy8p9b3j8bJ6YV7meyRkaD6fh2s2Jy63VFp8CG6H8fHgtdy_VXVIRgvP3k7FWkyG60k2W5Frq2alecmzHdZpRNjFwULflxRR76tt3p08_1gBG5fSZDyioZYw5_-OqPtjXTt6AOIyMT6SN59FFvexuDio0eX2oDcz_LFVIvsAVy_4gh1Wl4j_L6oxjq2WuC_aWTGwlpsnWVCkNFKJoYnWev45IRamNhY_n7p9fFQx6C8-E3cAwkfVIVWTIROpx5iR44fVcxy2gDb2VGri35sT_uF6s19PX7KPO03kgJ9pecnQmMYJsgtD-cjh8pZ8Kncb3RA9ZaParEdXXb0FLjtQMNtj2HI4JCktNTud42VfVzjG5UflpEPujk1BhrRReP-4x89LWesVckxjma_155fJp6eR0zW3pE0WNhKQ9PQkPbB9Q79vYoSkfqga6vR6wRUlhOkG-Mnk8KeLpRVRNXFf4ca-1Dtj1iS7kGs1P7NgoBW9uzxYZ1x7LiHNU2d--pr_yOGnaJpZWGZqdkS-8JsUld_WDSMnXSOCkd_B5xYPmIUiHlHaGN2gcy1CmNp7hHlBEuZHyi7N20l_1D-4T8KxTQCHB5V1AzR1lh28P7cY4qbm3QCG--vPEXjvgw2H3Zy6wZ069fPFxF8W5OCvoAyDUP8y3sZKLqK3SR8fCgljJrpoWHGSpFo2iR2aaoe_jQ2KPqG_Sp_SiEQzwIU9AtgrA3pPv5lTNV7yHU3nxMK_PoKRLVhnWLOXYLAnKxxFh8nAYeQDr0nFcfCgg9I5sx76ycoa9-azWkfYpNwz6J6cjlpmj3EZSR4JucIby4l47hIe65wwFH9eQES-hkGNjvVy5g8vDCisGVNk5vnjo31NTL5l7zLnJdwEtqmYAC8Bx3JGOOEIj1J6viiq9IY92OJ6jXvgBXMBmHQmDozkifP9a3z545MqQ4SuMjCyKTCiA6wr-e_Yc9v2DC_08X-DcIlB281TFIgJFDMyb52lvZPUlQ5dBr08_TrfSbB4M-PuF1A6iHJpH_cFoLvcclyhYXd2zlg6Be1-NNwgbg1uLA_gICqPdG5qnHtnytQOyl4LuRVX4myL8CE5DSRPed2xBJ8nH_tsfZyNqg7_dxyI1XQETWGKXgdzG5LCgMNX8fDMOY_C5ClytiRvBgqVr2YgiI7NtKydqVWStyaD2eUcEh9Sj2Dlujcm408CHf3R_Dnnh7g_a_N9uii_Q_0LuOkGuulOycpmu66NdufRZZl8QQWD9M3LYUv6IzaKEMaDJFq84iNxrd-71WT_aGzBmC174nx0lfIUK8V1SXRQKHRy0dASwm9SAlDCYwXVd0KEVsWm0ATJUw9VXEuWrmqLpcJicvrd5rg-xj06Dz9gFdzVb4i-jiKklPx7QpMFhthtKXN7FelomlOgZD3eZoMBCzhxpnaN7MgkYislnSp9QniG9vZacJ2ll5-UU-iuxt1u6wkXPear8OR8daUIu51FDj6X5OPljn7-CjDk-V-hiC6LXmrhvGZAlBgjrYz_-JANbaZk3Q2zSkXQ7HJFHi1GYTIt8YsqHyiAM8ydjzLWbuBrV22ezCqh8yaCA31n49ud6yclmz_sx57cDEvU&pr=67%3A0.094923&cid=CAQSMgDICaaNSOOdQMG2n28OY5z5STdLp4E5pjDIhYYQghDPfonnx5ub4xa13uP9-RXQg2dkGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&ds=l&xdt=0&iif=1&cor=14338342613480649000&adk=2330389860&idt=150&cac=0&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 13:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
28546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11597
x-xss-protection
0
server
cafe
etag
8023538936332676572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 13:34:48 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DBA5 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame DBA5 		0
0
truncated
/ Frame DBA5 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e88e9b8dfe97af4f2c61338518effa4a01451f210619a9fea9b1a3bd9746ac47

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad-choices.svg
static.yieldmo.com/images/ Frame EA25 		0
0
usermatchredir
ssum.casalemedia.com/ Frame 3BCB 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 7246 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54430162&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 01 Nov 2023 21:30:33 GMT
content-length
1330
content-type
text/html; charset=UTF-8
ping
onetag-sys.com/v2/ Frame 4BBD 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=hZtrnkzv_CQvcR6h967m6zaFwC3ApiZ3wTbLKsBajimtQTcFZIIgtVLv0pKoGfi59nhiVB3kT5G36MAgSKebaNnfXEGapyCwBv8HkZm7NBy8jDvi2iMCtDv0nZO23LwZSGlzDfq3W94nEnJOgbrIah2HO9O3q_SG8W9DDMN-hneKwdzzBts134s3MBK8j6MfcN5B1qHKja-vx8H355iaDSBj7B3jupGeRp2Gqu0PoeZgdHN_GF5Uou6Yv5UKexSwq1v5b-gcrg1eehBCNnRVkvqBmpq8R1_ExL5AoxBrJYsxi7t2kfDAUaENP_4CzdCxbbDKQRhFAfLgqKNmrFLYe5-CBrTYBO6mLcjmAEN4juORFy2I44xienuWN_D59atlcnIrd2KZKJ0_vqHuVdWQpz76edlpyrmvxrMpRDRODD9aD5LupCxe8-6MSZchcWIkqSStOMlJrce4F4Cl4OTLTQyUEJIHl3efHBc8zHf1mFJHNVTb-Von9l_f7ccORBSC-GPS4VdFd3gpns7-AG5nrzL3GDK4IjQWBF9_fo0uDwccSDRvsTkQyyDVj7-VmzwdUniX2Y1OuRAWg3ECBSbKJqoGdnkawT5PFwF5HzNLHatJEwuwmNOo42Cx4qQdQNV1PGPlJqBDicy4b6RVpgJdj-o0hKWcTIblHCIPaLICU8TKkConJuNJDNdfa0vygOXtVd7UasMcRdmmfnS20rMpBw&event=1&price=&click=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
ping
onetag-sys.com/v2/ Frame 4BBD 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=hZtrnkzv_CQvcR6h967m6zaFwC3ApiZ3wTbLKsBajimtQTcFZIIgtVLv0pKoGfi59nhiVB3kT5G36MAgSKebaNnfXEGapyCwBv8HkZm7NBy8jDvi2iMCtDv0nZO23LwZSGlzDfq3W94nEnJOgbrIah2HO9O3q_SG8W9DDMN-hneKwdzzBts134s3MBK8j6MfcN5B1qHKja-vx8H355iaDSBj7B3jupGeRp2Gqu0PoeZgdHN_GF5Uou6Yv5UKexSwq1v5b-gcrg1eehBCNnRVkvqBmpq8R1_ExL5AoxBrJYsxi7t2kfDAUaENP_4CzdCxbbDKQRhFAfLgqKNmrFLYe5-CBrTYBO6mLcjmAEN4juORFy2I44xienuWN_D59atlcnIrd2KZKJ0_vqHuVdWQpz76edlpyrmvxrMpRDRODD9aD5LupCxe8-6MSZchcWIkqSStOMlJrce4F4Cl4OTLTQyUEJIHl3efHBc8zHf1mFJHNVTb-Von9l_f7ccORBSC-GPS4VdFd3gpns7-AG5nrzL3GDK4IjQWBF9_fo0uDwccSDRvsTkQyyDVj7-VmzwdUniX2Y1OuRAWg3ECBSbKJqoGdnkawT5PFwF5HzNLHatJEwuwmNOo42Cx4qQdQNV1PGPlJqBDicy4b6RVpgJdj-o0hKWcTIblHCIPaLICU8TKkConJuNJDNdfa0vygOXtVd7UasMcRdmmfnS20rMpBw&event=287&price=&click=
Requested by
Host: pastelink.net
URL: https://pastelink.net/3t5ilv84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
1_media.bin
vid.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/f2590cdd-0bb5-401c-a109-f286e7a52d32/ Frame 722B 		0
0
blockedDomains_1.bin
lit.connatix.com/aa0f11f7-035a-4999-9d0a-efd10d585b22/ Frame 722B 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		168 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f41bcc9c9a485fcff259943e6e6cdc70393618aa13076f4d5dfcaba16488fdda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45188
x-xss-protection
0
server
cafe
etag
985 / 19662 / 31079291 / config-hash: 12744499585952903359
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:30:34 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 722B 		0
0
elements.ui.674039a10b5c8acbf74e.js
cds.connatix.com/p/368057/ Frame 722B 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DBA5 		0
0
/
onetag-sys.com/analytics/ Frame 4BBD 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3F1C 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F1C 		0
0
/
onetag-sys.com/analytics/ Frame 3F1C 		0
0
iev
csm.nl3.eu.criteo.net/ Frame C343 		0
0
prebid8.20.0-1.js
cds.connatix.com/p/plugins/ 		638 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid8.20.0-1.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8623be0d7e4885c0e014ba9ca2036cef10b6f4f5d0ba5e1bf3fadb03cc147e8c

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 01 Nov 2023 21:30:34 GMT
x-amz-version-id
.uj4OI9.jATtKip6tOjrIiCkwhMF7two
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 Oct 2023 13:51:43 GMT
server
cloudflare
etag
W/"c4c392e90e5d3c4bd50ad339048893ec"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81f73d5d385f01f4-ZRH
access-control-allow-headers
range
expires
Thu, 31 Oct 2024 21:30:34 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTQ1NDY1NDE5NTM4MjczMyIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk1MiwiZGF0YSI6W3sibmFtZSI6InZpZXdlZF90aW1lIiwidmFsIjoiNTk5In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:34 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY5NDMzMDY4MzQxMTgyOSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2OTg4NzQyMjQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwOCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImE2NjA1MTIwLTU1MTYtNGU2Yy01NTMyLTQ3MjI4ZmU1MTdhYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk4OCwiZGF0YSI6W3sibmFtZSI6InZpZXdlZF90aW1lIiwidmFsIjoiOTI1In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:35 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:35 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		390 B
226 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190647440363764&correlator=2828535471139173&eid=31079165%2C31079302%2C31078530%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=28&didk=3113487578&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Dfba99a7232a66101%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w&gpic=UID%3D00000cb101e21ccf%3AT%3D1698874228%3ART%3D1698874228%3AS%3DALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ&abxe=1&dt=1698874235457&lmt=1698874235&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGskfziikbcA_9Yof554DKWFgpzkec4D4ZTIbxxlAxW3RhTb2bg4bezlL2Q-2-EDquSNC_zDGqD-gKUxl%2CAOrYGsnk7un_BIWKc6VjP8oA-vcGPK5z9CAZMQpoMP3vUx0CZ7oWipRIruDJa3Ze5Up463nyEH_N2VlbvLb4%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskpwxyPl0juW41j1rkrlLUQcvXvzA5mH222Y6atNDpOrr8h3eAFatle8b9o_FK8xUYBsoAICPC98x-_%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslS2Cp0wHjsM8BO_O5FssrnRkjVi_oiPlCW15OFUs3Y&ga_vid=1833405134.1698874225&ga_sid=1698874227&ga_hid=681257193&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRii8q3muDFIAFICCGQSGAoJeWFob28uY29tGKmArua4MUgAUgIIbxIZCgp1aWRhcGkuY29tGKLyrea4MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y75Ku5rgxSABSAghqEloKDWNyd2RjbnRybC5uZXQSQDgyNmI5NmYzY2FlODQyMjI1YmFkNDY5MGRmY2JlMzIyNDZiMGU2NDM5Mzk3YjllM2MyY2IwNDg0OGIwNzQyMWQY1ZWu5rgxSAASGQoKcHViY2lkLm9yZxigpa7muDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YovKt5rgxSABSAghkEhcKCHJ0YmhvdXNlGMGerua4MUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lkbHA2WmpaNU5XcFRhRWRLYlVSVFlYUkxWVXd3VVQwOUluMD0YhJau5rgxSAA.&dlt=1698874223774&idt=3166&prev_scp=a%3D%257C0%257C%26iid1%3D780618487345719%26eid%3D780618487345719%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod182-c%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D3%26reft%3Dt%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpastelink_net-box-3-780618487345719%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D38%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26icsticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C5747%2C6044%2C6293%2C6294%2C6295%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26nocompoverride%3D1%26bkfl%3D1%26lb%3D26%26reqt%3D1698874234451%26adxf%3D1%26ss38%3D1%26ss9%3D1&adks=1692205609&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b867ac437b30bd53f92899eff8a032b87aba4077354eb274368bc25888389d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 21:30:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzgwNjE4NDg3MzQ1NzE5IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMy0wIiwidF9lcG9jaCI6MTY5ODg3NDIyNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYTY2MDUxMjAtNTUxNi00ZTZjLTU1MzItNDcyMjhmZTUxN2FiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Wed, 01 Nov 2023 21:30:35 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 31 Oct 2023 21:30:35 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3au1v873532799z89136110041&_p=681257193&gcd=11l1l1l1l1&cid=1833405134.1698874225&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1698874225&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2F3t5ilv84&dt=10%20Unexpected%20Private%20ADHD%20Diagnosis%20UK%20Tips%20-%20Pastelink.net&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 21:30:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
id.a-mx.com
URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://pastelink.net/3t5ilv84&tl=https://pastelink.net/3t5ilv84&nf=0&rt=true&v=8.16.0&av=2.0&vg=epbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-18b3309c-1213-4463-ae3b-59c8e198f501-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-18b3309c-1213-4463-ae3b-59c8e198f501-003
Domain
ads.smartstream.tv
URL
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEIeEeGsOqWH5bm_u2vwASkU&google_cver=1
Domain
ssp-sync.criteo.com
URL
https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
Domain
as.ck-ie.com
URL
https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
Domain
vid.vidoomy.com
URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oOiLix9E2oJgXlr9aVc9kWh5k7GexKMLPqUugQ--~A
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG9UQG6-5-KAQ8&gdpr=0
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHizmZIKnaudfN3ck_4NMf4&google_cver=1
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FwojFcBoTMaeFa1ufyiGJw&rk=usync-na&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_lwhYpr-QQ6hqen1ilU_8g&rk=usync-other&gdpr=0
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=25470&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAE4hE7KhYcAABj7htQOuA&expires=30&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
Domain
live.primis.tech
URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOG9UQG6-5-KAQ8&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
Domain
hb.yahoo.net
URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rVG0ua01aRTJ1R0tMcVV1a2txTlJianJfRUdoWUI3ZH5B&gdpr=0&ovsid=LOG9UQG6-5-KAQ8&dpid=58160
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOG9UQG6-5-KAQ8&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=0188f3d2-0376-4262-8ec0-e78ae159e102&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=2393881630050333936&expires=30&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9191748007734315166&expires=60&gdpr=0&gdpr_consent=
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=24381f8a-062e-473d-bf9e-cc834db2ecca-6542c378-4348&expires=360&gdpr=0&gdpr_consent=
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?xi=1&xu=LOG9UQG6-5-KAQ8&gdpr=0
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LOG9UQG6-5-KAQ8&obUid=&initiator=&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr=0
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=49096&gdpr=0
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/143?gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZULDeAAAArVjVAAU&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4045D098764F458682B994D33705A4DB&expires=365
Domain
tr.blismedia.com
URL
https://tr.blismedia.com/v1/api/sync/rubicon?gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7296609266459408536&expires=730&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&gdpr=0
Domain
sync.aniview.com
URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LOG9UQG6-5-KAQ8&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=ujBaf8EMJnl3&ev=1&pid=560687&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156983&gdpr=0&gdpr_consent=&us_privacy=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=bsw&i=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
Domain
static.yieldmo.com
URL
https://static.yieldmo.com/ym.1.js
Domain
ad.sxp.smartclip.net
URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESED1gkw2BMo1WvNOZOPOYVb4&gdpr=0&google_cver=1
Domain
ad.yieldlab.net
URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJrwO9fIRn0q5q7Llp0g77w&google_cver=1&gdpr=0
Domain
cs.lkqd.net
URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEMMAMYjq9q4ibk0mR2mkx4k&gdpr=0&google_cver=1
Domain
cs.lkqd.net
URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJQkqjSEVORFNFKB_k43k9U&google_cver=1&gdpr=0
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve5WY1kucthrBDk1sSLssebvEjvDppg_TBoxySsH8WVaZJZRuC6BFUaFbW1G-f_lP9DDyQIXOn4ioTKQsDjdj_WLo0BXByspIlFVwHbaDZE6zwkVj02B0Fht4_VRtaqJSjRyGtZgZOZFzmleNg9yghT_-N7KEvkE40zD9dV-09Nf5u-FxOjKF05EwQKufccY8kCVUFTZJk1F5nVnXaYVtPQrNVbvPMzMNQ2n-mCLd6pXOhJ0O2-EftyRCd384rrqg5QZkyCov3WWEr7GBsDwXsgGEJRSh2qBi6PIwEhx6M1E7EKf4DR1NNjyLuAjco84VzmjlXs_Njjf0C-C0GLmt3bOXq1jdfO7-cIHsjR-d-&sai=AMfl-YRhZHf6fXfqeHZ7us5wF17l7F6e70CkTZ4v1n-_N35c7x2FmE_0spKFHydJGhEzoJDau6lVw-8YjCH8OsN4pyvCbSOFQLpvDeUJoU4V2ly9_7IvJi6DOHW9Dg1mv_4&sig=Cg0ArKJSzD-STLACFGQvEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
static.yieldmo.com
URL
https://static.yieldmo.com/images/ad-choices.svg
Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/f2590cdd-0bb5-401c-a109-f286e7a52d32/1_media.bin
Domain
lit.connatix.com
URL
https://lit.connatix.com/aa0f11f7-035a-4999-9d0a-efd10d585b22/blockedDomains_1.bin
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/368057/elements.ui.674039a10b5c8acbf74e.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuE2lqF1FvacqvFIAowd8P0_JDxKJ8SrAeSGbtmMh6p_wpCFrvFpdsGYWSEDh8ajoA1-4Ojtrjzb-yfzLyqZB7YW08b4eiJ9piqfbsbS72-qK10qin-EWgVk_WCw975&sig=Cg0ArKJSzIfoDWe7NJquEAE&id=lidartos&mcvt=194&p=473,1081,723,1381&mtos=194,194,194,194,194&tos=194,0,0,0,0&v=20231030&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2280168990&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1698874233720&rpt=442&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
onetag-sys.com
URL
https://onetag-sys.com/analytics/
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufXSO4MXbTwcpnGBXK9d7AL7GDXMR_a4QQJ2uLe17GmtP3jPpM-XEKj9x2OYl84xvajiK3SU6nDT2gxepGHUg8JF13MAFV9qRdgemwyYbduMUgjRMoA6BdIU_L96kwKU7w7evRWTuAYgf6Ql6XOXlK00lpou0StKLr02xyAn4VrixAYi7Yz-VhSTWp1fDNvPP9G-xFKbypsGTi8qEJEUffqJ8OgiBJ3GnmwU0Lnfmt95CFzZJL7m3ROnviPR1kxnt550ew0vUImeMrCscQVUhz6dut_9e7mHMwD9z0ox1C514SLDJ_duviW90xdfefMKLPc_my7IfU2yhy4dr8Nspj2oa5pF8QkaCWE4SoASdkrCY2&sai=AMfl-YQtwwGxCcRZFpwnSmbkeb71mnQKzai4MlgJwERkFvevlXYBSJ3SJSBNpnaylsghxJ5z5rGPVPhDujfLe1Zmy-wLX1Cre-8IOmxNtic7zfE3i_Z0IsIJJ8AKyu0sHPk&sig=Cg0ArKJSzCJV69UQAi2cEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_M2-4bJgAsKbdFF0ejDlNfjAB9hs_dUtlAkM0yWpeaqyNFdrhuSyl4Y9W7-yzktSyp_YSJ258uSTQ9AU2DDoYu31Ko3REShQR_s4RGyOhDqKzy-oDmiLuPEZYpPCw&sig=Cg0ArKJSzH3jSgLVEPGLEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231030&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=2804293402&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1698874231750&rpt=2639&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
onetag-sys.com
URL
https://onetag-sys.com/analytics/
Domain
csm.nl3.eu.criteo.net
URL
https://csm.nl3.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~1112

Verdicts & Comments Add Verdict or Comment

412 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| Cookies object| dataLayer object| ezstandalone object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| ezStandaloneDefine string| ezStandaloneDisplay object| ezSelectedPlaceholders object| ezSelectedPlaceholdersMap string| ezStandaloneCookies function| __ez_vig_close_wrapper boolean| _ez_sa object| __ez string| __sellerid string| __schain_domain string| __ez_nid string| __ez_gcb object| ez_ad_units object| ezslots object| ezrpos object| ezsrqt boolean| __ez_fad_haspo boolean| __ez_fad_hascp object| __ez_fad_po function| ezSetTargetingFromMap function| ezSetSlotTargeting function| ezGetSlotById function| __ez_close_anchor function| __ez_handle_init_scroll function| __ez_hb_render object| ezCriteo object| ezAMX object| ezOneTag object| ezSmile object| ezYieldmo object| ezAYL function| ezjsps object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __s2sinstreambidders object| __allBidders string| ez__id5pd string| ez__uIdHash string| ez__sspDomain object| __ezPwtBidders object| __ezPwtFloors object| PWT object| owpbjs function| openwrapRequestAdUnits function| openwrapRefreshSlot function| openwrapBidsBackHandler function| getSlotForhb object| __advertiserRule object| ezasVars object| ezasTag object| headNode boolean| __ezasAggressive object| ezaxmns object| ezaucmns object| __ez_fad_floating function| __ez_init_slot object| ezslot_6_raw object| ezslot_1_raw object| ezslot_2_raw object| ezslot_5_raw object| ezslot_8_raw object| ezslot_4_raw object| ezslot_3_raw object| ezslot_0_raw object| ezslot_7_raw object| divNode object| parentNode object| __banger_pmp_deals object| _ezim_d object| _ezaq number| did string| ezoTemplate boolean| didTimeoutVign function| expzscr function| create_ezolpl function| attach_ezolpl function| __ez_fad_position number| __cnxiid string| __cnxau boolean| __ez_edge_a number| __ez_edge_mw string| __ez_edge_v string| __ez_edge_h number| __ez_edge_m object| ezslots_raw object| ezslotdivs object| googletag boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad boolean| ezhbopt function| __ez_get_largest_ad_size function| handleResponsiveAdsense object| google_reactive_ads_global_state function| ezasBuild function| ezasvEvent function| ezaslEvent function| ezoAdBackFill object| ezaslWatch object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoGetSlotNum function| ezoSTPixelFire function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb string| ezdomain string| cid string| pid string| slotId number| ffid number| alS object| container object| ins object| adsbygoogle function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| gaplugins object| gaData function| newEzVignette function| __ez_get_footer_height function| __ez_set_outstream_floor function| __ez_auto_adjust_outstream_float function| __ez_outstream_player_tracking function| pixelData function| __ez_outstream_float_destroy function| getEzErrorURL function| reportEzError object| ct object| ezdent object| ezDenty object| ezua object| ezuxgoals undefined| hREED function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| _ezfd function| __ezDotData function| stickyFix function| sidebarWall function| __ez_close_rail function| __ez_handle_rail_loaded object| __ezsbwcmd function| PrebidImpressionController function| PrebidImpression object| regeneratorRuntime object| ezoptbid function| epbjsRequestAdUnits function| epbjsBidRequest function| epbjsApplyResponsiveSizes function| epbjsRefreshSlot function| setAuctionActive function| setAuctionFinished function| isValid256Hash object| epbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL number| ezobv function| ezoSyncToDfp function| ezoGetDFPSlot object| ezomash boolean| ezowwinit function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosetowbids function| ezosethbbids function| ezGetSlotViewedTime function| formatBid function| fetchezoibfh object| ezoibfh number| ezoibfhHF function| adjustHbValues function| ezorefgsl boolean| __ez_fad_ezpbinitd function| __ez_fad_pb object| featureMap object| Criteo object| owpbjsChunk object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT object| ezoic_mash number| ez_tos_track_count number| ez_last_activity_count object| ggeac object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| initEzux object| riveted object| ezux object| metricNameMap function| ezlogVital object| webVitals object| ezslot_interstitial function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ezslot_4 object| ezslot_5 object| ezslot_6 object| ezslot_7 object| ezslot_1 object| ezslot_2 object| ezslot_0 function| cnx object| msgData object| sas object| apntag object| _ADAGIO object| ox_esp object| _33across object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo_identitytag_144 object| ezslot_3 number| ezouspvv object| onetag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| google_image_requests object| googDdmPs object| pbjs object| cnx_player_usr_storage object| cnx_webpack_global object| cnx_usr_storage object| player_instance_0ab9624338e2455e893eb0590aa33a6e object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| cnxProxyTask object| pbjsChunk function| cnxAddEventListener

140 Cookies

Domain/Path Name / Value
pastelink.net/ Name: PHPSESSID
Value: 4k6d826q91pplulkckm50cd6l6
.pastelink.net/ Name: _gcl_au
Value: 1.1.2146699454.1698874225
.pastelink.net/ Name: ezoadgid_251786
Value: -1
.pastelink.net/ Name: ezoref_251786
Value:
.pastelink.net/ Name: ezosuibasgeneris-1
Value: 6f82a897-4394-487b-487f-617876314b13
.pastelink.net/ Name: ezoab_251786
Value: mod182-c
.pastelink.net/ Name: lp_251786
Value: https://pastelink.net/3t5ilv84
.pastelink.net/ Name: ezovuuidtime_251786
Value: 1698874224
.pastelink.net/ Name: ezovuuid_251786
Value: f8c7e6e2-ddc6-43c0-59b4-a7b0e58a851d
.pastelink.net/ Name: active_template::251786
Value: pub_site.1698874224
.pastelink.net/ Name: ezopvc_251786
Value: 1
.pastelink.net/ Name: ezepvv
Value: 24
.pastelink.net/ Name: _ga
Value: GA1.2.1833405134.1698874225
.pastelink.net/ Name: _gid
Value: GA1.2.159028612.1698874225
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
.pastelink.net/ Name: _sharedid
Value: 3d3056b2-3a12-424c-862a-8acd4d2bed7c
.pastelink.net/ Name: _sharedid_cst
Value: zix7LPQsHA%3D%3D
.pastelink.net/ Name: _ga_4KDXYD7HFC
Value: GS1.2.1698874225.1.0.1698874225.0.0.0
pastelink.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.prebid.a-mo.net/ Name: __amc
Value: 1_1698874226_1698874226
.sharethrough.com/ Name: stx_user_id
Value: 612aff6a-813a-4a10-93a0-2503eef13aa7
.adnxs.com/ Name: icu
Value: ChgIkfo_EAoYASABKAEw8oaLqgY4AUABSAEQ8oaLqgYYAA..
.adnxs.com/ Name: uuid2
Value: 2393881630050333936
.yieldmo.com/ Name: yieldmo_id
Value: 3FE9___OOM_49ltyyzsb%7C1698796800000%7C3397522355460590137%7C2834942196124164132
.omnitagjs.com/ Name: ayl_visitor
Value: 30a0d0a5b0d2fda97ba91eee36d9525e
.yahoo.com/ Name: A3
Value: d=AQABBHTDQmUCEGPhX8xce00b1c_tYjjbi-kFEgEBAQEURGVMZbth0CMA_eMAAA&S=AQAAAs_lgkN_moWKMOXpuoowaPo
.pastelink.net/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1698874229045,"lastSynced":1698874229045}
.doubleclick.net/ Name: IDE
Value: AHWqTUkvQbZDRU41Bp2y3rsJpeaHQQvWwlvLet6zT90Otal_zMoNI7KxjsG1LTYzbLo
.pastelink.net/ Name: __gads
Value: ID=fba99a7232a66101:T=1698874228:RT=1698874228:S=ALNI_MY8n8m-YLz8RXr1tshiw0lvvLjb1w
.pastelink.net/ Name: __gpi
Value: UID=00000cb101e21ccf:T=1698874228:RT=1698874228:S=ALNI_MbZgk5tXHrda4k3l-TdZen-fsgnSQ
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1180613%7Crc%3D1180613%7Cunl%3D1180613%7Cc%3D1180613%7Ct%3D1180613
.openx.net/ Name: i
Value: bd9cdfeb-2e63-4a11-8998-349ab4a50bd1|1698874231
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: ee729ca09cfb45eac6a4b251cfe22497
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSE01N7JMTjSwTE5LMjFNTUw2SzRJMjI1TE5LNTIysTRnAIJUp8PlIBoKAHCoC1M%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIdTpcDqSgAAAXMwHi"
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B3ABD658-6510-47A0-8543-FE669B89DF5B
.contextweb.com/ Name: V
Value: ujBaf8EMJnl3
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 327dd08910bdd566
.creativecdn.com/ Name: u
Value: UqIsYjPXXLk7C02d2KjJ
.creativecdn.com/ Name: ts
Value: 1698874231
.ads.yieldmo.com/ Name: ptrc
Value: CAESEBfh1feXl-D_ce87VgqLDh4
.bidswitch.net/ Name: tuuid
Value: 9a5353ba-e71e-4f61-9897-398e51822172
.bidswitch.net/ Name: c
Value: 1698874231
.bidswitch.net/ Name: tuuid_lu
Value: 1698874231
.rubiconproject.com/ Name: khaos
Value: LOG9UQG6-5-KAQ8
.ads.yieldmo.com/ Name: ptrrc
Value: LOG9UQC7-1Q-A58P
.pastelink.net/ Name: _cc_id
Value: ee729ca09cfb45eac6a4b251cfe22497
.smartadserver.com/ Name: pid
Value: 4620150274202798648
.pastelink.net/ Name: panoramaId
Value: 826b96f3cae842225bad4690dfcbe32246b0e6439397b9e3c2cb04848b07421d
.pastelink.net/ Name: panoramaIdType
Value: panoIndiv
.pastelink.net/ Name: panoramaId_expiry
Value: 1699479031186
.ads.stickyadstv.com/ Name: UID
Value: 47de23d1df628a2c2fd3b055dda898ca
.ads.yieldmo.com/ Name: ptrpp
Value: ujBaf8EMJnl3
.adfarm1.adition.com/ Name: UserID1
Value: 7296609266459408536
.adsby.bidtheatre.com/ Name: __kuid
Value: 52e6de76-f6f2-4f38-927e-3e58c737e32f.468088232
.bidr.io/ Name: bitoIsSecure
Value: ok
.ctnsnet.com/ Name: cid_cde9819baa364d13a2f425460b5abe7f
Value: 1
.criteo.com/ Name: uid
Value: 0188f3d2-0376-4262-8ec0-e78ae159e102
.openx.net/ Name: pd
Value: v2|1698874232|n0vNvQiygu
.weborama.fr/ Name: AFFICHE_W
Value: NHPPpBQ1p-4074
.bidr.io/ Name: bito
Value: AAE4hE7KhYcAABj7htQOuA
.simpli.fi/ Name: suid
Value: 4045D098764F458682B994D33705A4DB
.adx.opera.com/ Name: UID
Value: OPUadfb157e88884077b43e7bb06bc044f5
.sitescout.com/ Name: ssi
Value: 24381f8a-062e-473d-bf9e-cc834db2ecca#1698874232094
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.8317966665527016768
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQ2MDQ3N7MwNhDiM9QtSHNycioy9A00zncBAGOhmCQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQ2MDQ3N7MwNhDiM9QtSHNycioy9A00zncBAGOhmCQlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlhYW5iZGxkaGQEAOoa1XIQAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZULDeAAAArVjVAAU
.adform.net/ Name: uid
Value: 6652614731716365000
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_ad34fc1b-3f75-4745-8107-dec66bbd9587
.quantserve.com/ Name: mc
Value: 6542c378-47d93-0ba75-f0c70
.script.ac/ Name: __cf_bm
Value: TZt6X0Dqg7fgAXUX2qpZ09Pb2RcTO_X2R4euzuWSaUc-1698874232-0-AZawaAZlcAZkFdgQCzQIYU4ITejWzisBSibROhdBguFZ/iLVI2yedUeH849aPaGa/02DfXMQbux21pz7GNhuVps=
.postrelease.com/ Name: visitor
Value: 3d79826a-fe63-4ae0-a46b-52c763be5ca4
.postrelease.com/ Name: status
Value: 0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ed123e2f-fa20-58ba-40a8-5af76122dbc9.ia%2BwF4hAc0%2FxGM03VymFfqkctlEZ1u5If%2B%2BQV89YD%2FU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ed123e2f-fa20-58ba-40a8-5af76122dbc9.ia%2BwF4hAc0%2FxGM03VymFfqkctlEZ1u5If%2B%2BQV89YD%2FU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A7RI-L_ogWLpAqFr3YSLbyVXaRqA.VR%2BV7TsKCfOvFzgYtfErCna7B8XMk1j%2BIUdBbGdYQws
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A7RI-L_ogWLpAqFr3YSLbyVXaRqA.VR%2BV7TsKCfOvFzgYtfErCna7B8XMk1j%2BIUdBbGdYQws
.amazon-adsystem.com/ Name: ad-id
Value: A6xHnSEAUUuCg_n6c5369Qs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUadfb157e88884077b43e7bb06bc044f5&KRTB&23485-OPUadfb157e88884077b43e7bb06bc044f5&KRTB&23524-OPUadfb157e88884077b43e7bb06bc044f5
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8317966665527016768
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-24381f8a-062e-473d-bf9e-cc834db2ecca-6542c378-4348&KRTB&23418-24381f8a-062e-473d-bf9e-cc834db2ecca-6542c378-4348
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5124322329301776830
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEI30_bqJ34ZRup-FmkQa_Bg&KRTB&23025-CAESEI30_bqJ34ZRup-FmkQa_Bg&KRTB&23386-CAESEI30_bqJ34ZRup-FmkQa_Bg
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-wyojXpYsIFTYKyAIzCw6XJd-IFnYeScPwi_wLMRb&KRTB&19420-wyojXpYsIFTYKyAIzCw6XJd-IFnYeScPwi_wLMRb&KRTB&22979-wyojXpYsIFTYKyAIzCw6XJd-IFnYeScPwi_wLMRb&KRTB&23403-wyojXpYsIFTYKyAIzCw6XJd-IFnYeScPwi_wLMRb
ads.playground.xyz/ Name: connect.sid
Value: s%3A7PitrfujF3Yjj4Z8iafNw14x2oZoGdfI.1P6W287mGE8oNhKuXaXTLKEFbbyuq4suxFYOpbIJu%2Bc
.turn.com/ Name: uid
Value: 9191748007734315166
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2393881630050333936&KRTB&23339-2393881630050333936
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-770273705208909224&KRTB&23263-770273705208909224&KRTB&23481-770273705208909224
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7296609266459408536&KRTB&23369-7296609266459408536
.bing.com/ Name: MUID
Value: 2274E977661162173B0DFACB674663B7
.c.bing.com/ Name: MR
Value: 0
.pubmatic.com/ Name: SPugT
Value: 1698874231
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-7RI-L_ogWLpAqFr3YSLbyVXaRqA&KRTB&23334-7RI-L_ogWLpAqFr3YSLbyVXaRqA&KRTB&23417-7RI-L_ogWLpAqFr3YSLbyVXaRqA&KRTB&23426-7RI-L_ogWLpAqFr3YSLbyVXaRqA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBDoRfYE-gT4KzCxQEbdPlvra_-mB5g0kci-4ysozJPxEHwYBCD4houqBjABOgTwi70wQgQrEmHN.cG7%2F%2BD5z2pSRQYVm2wK%2F%2BQFtpdvKCO2n1uFb3Ybg148
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBDoRfYE-gT4KzCxQEbdPlvra_-mB5g0kci-4ysozJPxEHwYBCD4houqBjABOgTwi70wQgQrEmHN.cG7%2F%2BD5z2pSRQYVm2wK%2F%2BQFtpdvKCO2n1uFb3Ybg148
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-9191748007734315166&KRTB&23150-9191748007734315166&KRTB&23527-9191748007734315166
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-9a5353ba-e71e-4f61-9897-398e51822172
.smartadserver.com/ Name: csync
Value: 31:9a5353ba-e71e-4f61-9897-398e51822172|76:CAESEKxoeb6cmVTBzI8qKATbNWs|127:AAE4hE7KhYcAABj7htQOuA
.admixer.net/ Name: am-uid
Value: 3b230d7754c34b8dab8f1c175ec68a62
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nr4|7TZ.0.1|7dN.0.AAE4hE7KhYcAABj7htQOuA
.richaudience.com/ Name: pdid
Value: 65a64357-3c42-402f-b9e1-1zz1698874221
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 6ba0b4a4-fbcf-5432-8913-f696ec5135ee
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIDD6btsPpUgMCuWDgAAAAAAA&KRTB&22713-AAAIDD6btsPpUgMCuWDgAAAAAAA&KRTB&22715-AAAIDD6btsPpUgMCuWDgAAAAAAA&KRTB&23519-AAAIDD6btsPpUgMCuWDgAAAAAAA
.tribalfusion.com/ Name: ANON_ID
Value: a8ntuJw5EGiAaINQfTsPWkWelZae2UeZbB8NHm2APlYFot7YSDQIMtF1SohP9sRZc5Euq9NrwHNuhQtRxpquTgKE6Qy
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-18b3309c-1213-4463-ae3b-59c8e198f501-003%22%7D
.us.ck-ie.com/ Name: CID
Value: 795c9046b379ff1c3baed6868829542c560d3bdc
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAE4hE7KhYcAABj7htQOuA
.pubmatic.com/ Name: PugT
Value: 1698874233
.quantserve.com/ Name: d
Value: EOQBEgGpKvijD9r7EA
.pastelink.net/ Name: cto_bundle
Value: -xm5ZV9uYXgyZE5laGJQZUJHUUdhZUNocG9QaVF3REVjNVNUOXRlN0JYY0ttV0pxNlZleUNRNlh1Y2V3bFRiME84SHFMeW5LUWVrNWFDTWRXUlEwNENOMFUlMkZUdG44UE9mOG9ZbHd5NVlnbGV0NzFXR2FBUiUyQnolMkZFN1ElMkZTSlZaNEF3YmszdkFoeUZzRlBzJTJGb3VFaFUwN0VVWVB3JTNEJTNE
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5ODg3NDIzMjI1NCwiMTUiOjE2OTg4NzQyMzM2NTF9
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-18b3309c-1213-4463-ae3b-59c8e198f501-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%222013%22%7D
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.richaudience.com/ Name: avcid-bsw-uid
Value: 9a5353ba-e71e-4f61-9897-398e51822172
.connatix.com/ Name: cnx_userId
Value: c9822a66b1b344a2ad3399981d96f18c
pastelink.net/ Name: ezouspvv
Value: 20
pastelink.net/ Name: ezouspva
Value: 3
pastelink.net/ Name: ezouspvh
Value: 8
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1698874225.1.0.1698874233.0.0.0
.onetag-sys.com/ Name: OTP
Value: ROkrxkbzulYSnJNl_g6dtshvT5s4_3L5BpLyfhvMxg0
.dotomi.com/ Name: DotomiTest
Value: 5c54c90b5e541931
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2et9:18vk~2et9"
.betweendigital.com/ Name: ut
Value: ZULDeQAN3sjnrUgKvEsRKygJV5-TlM3MFepXig==
.rubiconproject.com/ Name: audit
Value: 1|e6eiS7CR3E4utn9iw2OjLYoNZ9aIpUKHZTe46E/s+svsMF7fNgMltqGQ6LGS/A6GIUD4EzZWRvSM1KxoLazIt6NWShwHx7KI6rocrMY9/A9Z/rUQ28v3BNQINePYp6JSgm9vyWMpds4jkGi8qD0SLtShpyNh/P0Fv39rJ2gjIhf82pG6k/Yjj89sdGeFC9lF
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 7
.pubmatic.com/ Name: pi
Value: 156983:4
.pubmatic.com/ Name: DPSync3
Value: 1700006400%3A226_219_197_241_235_201_245_227
.pubmatic.com/ Name: SyncRTB3
Value: 1699660800%3A63%7C1699401600%3A15_223_2%7C1701388800%3A203%7C1700092800%3A35%7C1700006400%3A54_22_55_56_99_81_264_176_8_233_21_196_3_214_88_166_46_251_165_234_71_243_204_13_161_254_249_238_220%7C1703980800%3A69
.smilewanted.com/ Name: sw_user_params_infos
Value: XqT0bqYfNhZws4buHYgNKBtEyZbtQttRGXbrr3WP1IFVz3Ku6QIszSF%2BuKFe42MJAIyhRne%2FdMLkKnjB1q9AQ8NuySH1dKZjozoq12PjW8Pdk92WI4oamcIReTvWeKNc0lnD0bAEbVksx3RYttMMwrXLJAgpMh5Bhu0Bvg2d8s6DwWrWYR7UGg4k%2FajRDse%2Bghn%2FnWNCrTAmaAmry6TSRSAm%2BenZqW%2FD%2BUbmrkEWc5oAYUTxQFq%2F4RzS7xXCh6Yc%2FbMlw9Rf%2FbWMwSviDlmV6AnKqYLSmDezKQxDPFZOEwP5gSjI4wiEMubSbCXfnUt54EYPqsgas3nqcKrQGlYELc%2ByWNGmGh80Rhl5L3%2BorWYzyw7vWG%2BRtWL%2BWDkWcM5LCf8gJRKVLODCbqVxTJPYaA%3D%3D
pastelink.net/ Name: ezux_et_251786
Value: 0
pastelink.net/ Name: ezux_tos_251786
Value: 15

60 Console Messages

Source Level URL
Text
network error URL: https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fpastelink.net%2F3t5ilv84
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ups.analytics.yahoo.com/ups/58713/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://pastelink.net/3t5ilv84&pixelId=58713
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B3ABD658-6510-47A0-8543-FE669B89DF5B
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEIeEeGsOqWH5bm_u2vwASkU&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://token.rubiconproject.com/token?pid=25470&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://token.rubiconproject.com/token?pid=49096&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://tr.blismedia.com/v1/api/sync/rubicon?gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://match.deepintent.com/usersync/143?gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/709414.gif?gdpr=0
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHizmZIKnaudfN3ck_4NMf4&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAE4hE7KhYcAABj7htQOuA&expires=30&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_lwhYpr-QQ6hqen1ilU_8g&rk=usync-other&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOG9UQG6-5-KAQ8&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=2393881630050333936&expires=30&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156983&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=24381f8a-062e-473d-bf9e-cc834db2ecca-6542c378-4348&expires=360&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FwojFcBoTMaeFa1ufyiGJw&rk=usync-na&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9191748007734315166&expires=60&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=0188f3d2-0376-4262-8ec0-e78ae159e102&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7296609266459408536&expires=730&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4045D098764F458682B994D33705A4DB&expires=365
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZULDeAAAArVjVAAU&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=ujBaf8EMJnl3&ev=1&pid=560687&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oOiLix9E2oJgXlr9aVc9kWh5k7GexKMLPqUugQ--~A
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ssc-cms.33across.com/ps/?xi=1&xu=LOG9UQG6-5-KAQ8&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=pVPX59otmqzDVhQhObPKoLfUd06oqFIykmMUb0lopjk
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESED1gkw2BMo1WvNOZOPOYVb4&gdpr=0&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJrwO9fIRn0q5q7Llp0g77w&google_cver=1&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LOG9UQG6-5-KAQ8&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rVG0ua01aRTJ1R0tMcVV1a2txTlJianJfRUdoWUI3ZH5B&gdpr=0&ovsid=LOG9UQG6-5-KAQ8&dpid=58160
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEMMAMYjq9q4ibk0mR2mkx4k&gdpr=0&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJQkqjSEVORFNFKB_k43k9U&google_cver=1&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=bsw&i=9a5353ba-e71e-4f61-9897-398e51822172&gdpr=&gdpr_consent=&us_privacy=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG9UQG6-5-KAQ8&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
javascript warning URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid8.20.0-1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid8.20.0-1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49f5040f1a78f8f1412e6eb85e884369.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.smartstream.tv
ads.stickyadstv.com
ads.yieldmo.com
adx.g.doubleclick.net
adxbid.info
ap.lijit.com
api-2-0.spot.im
as.ck-ie.com
aws-fr-sync.bidswitch.net
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bshr.ezodn.com
btlr.sharethrough.com
bttrack.com
c.bing.com
c1.adform.net
cadmus.script.ac
capi.connatix.com
cd.connatix.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cds.connatix.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connectid.analytics.yahoo.com
cookiesync.api.bliink.io
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.lkqd.net
csm.nl3.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
g.ezoic.net
ghent-aws-fr.bidswitch.net
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
lit.connatix.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pastelink.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
privacy.gatekeeperconsent.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rubicon-match.dotomi.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssum.casalemedia.com
static.criteo.net
static.smilewanted.com
static.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tags.crwdcntrl.net
the.gatekeeperconsent.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vid.connatix.com
vid.vidoomy.com
visitor-eu-west-1.omnitagjs.com
visitor.omnitagjs.com
www.ezojs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.sxp.smartclip.net
ad.yieldlab.net
ads.smartstream.tv
as.ck-ie.com
cds.connatix.com
cm-supply-web.gammaplatform.com
cs.lkqd.net
csm.nl3.eu.criteo.net
csync.loopme.me
dsum-sec.casalemedia.com
hb.yahoo.net
id.a-mx.com
imasdk.googleapis.com
lit.connatix.com
live.primis.tech
match.deepintent.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
prebid.smilewanted.com
px.ads.linkedin.com
s0.2mdn.net
securepubads.g.doubleclick.net
simage4.pubmatic.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssum.casalemedia.com
static.yieldmo.com
sync.adotmob.com
sync.aniview.com
sync.ipredictive.com
sync.outbrain.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
usersync.gumgum.com
vid.connatix.com
vid.vidoomy.com
100.26.105.189
104.16.88.20
104.17.24.14
104.18.22.145
104.18.25.173
104.18.35.167
104.18.41.104
104.21.28.48
104.21.63.106
104.22.68.131
104.26.8.169
108.138.26.48
108.156.47.119
13.107.21.200
134.122.57.34
138.201.8.249
142.250.184.200
142.250.184.206
142.250.184.226
142.250.185.161
142.250.185.162
142.250.185.194
142.250.186.34
142.250.186.36
142.250.186.66
142.250.186.99
145.40.97.67
15.197.193.217
151.101.1.108
151.101.66.49
162.19.138.117
162.19.138.83
167.235.184.171
172.217.16.195
172.217.16.202
172.64.136.15
172.64.137.15
172.64.146.152
172.64.98.39
172.67.144.62
172.67.23.234
172.67.38.106
178.250.1.11
178.250.1.3
178.250.1.8
178.250.1.9
18.158.152.62
18.194.76.100
18.66.97.14
185.106.140.18
185.184.8.90
185.29.132.245
185.64.189.112
185.64.190.79
185.64.191.210
185.86.138.152
185.86.139.102
185.89.210.101
192.132.33.69
193.0.160.131
193.108.153.18
195.5.165.20
198.47.127.19
198.47.127.20
2.18.96.187
203.195.121.141
208.93.169.131
209.54.182.161
213.155.156.184
216.239.34.36
216.52.2.30
216.58.206.34
23.218.210.30
23.60.204.187
3.120.46.47
3.127.161.184
3.248.171.173
3.69.213.60
3.71.149.231
34.102.146.192
34.102.253.54
34.111.129.221
34.120.135.53
34.240.22.214
34.250.99.225
34.254.54.88
34.95.69.49
34.96.70.87
34.98.64.218
35.186.193.173
35.204.158.49
35.205.65.172
35.244.174.68
37.157.5.132
37.157.5.133
46.228.164.11
46.228.174.117
51.89.9.253
52.19.46.203
52.49.166.237
52.58.92.77
52.95.125.22
54.152.141.210
54.209.88.56
64.158.223.140
65.9.66.122
69.173.144.138
69.173.144.139
70.42.32.63
72.251.245.179
76.223.111.18
8.2.108.194
82.145.213.8
85.114.159.118
88.208.215.108
91.228.74.200
98.98.134.241
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
048cb71d60d734592926adfb473a3ea744471ff77aa8dfbb03a3a242fbbe3318
07667bd905fa3e586cbbad7cac0b37c350890414f61cb07b7163b54206a392ba
07a54e49f65745ec3e0c0bfec9c0005b787370f8f65476b8da936e14d9ceaaa1
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
097c42b49b95374a75a87be81c99fbc8cfe0717ae3e90d764eb33693a007bcfe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e8dd856a2666594078acc102ef6f3066a059827c353c51cb7625331a41b1678
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
0fe65a17844471485a0e2cee1e8165e69027e88de76a77a3cbe0327743fc1549
117e59670232ee197c33549c2f0e1320d6a9f37eaed15ecc585be87b82611c01
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
17f55b608b39e787cbd579ea79f451a8990ebb001424c188c1d9ba60b6f98584
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18d50616a5f5dfd0c239f5f9e46c1038e91c274c0541d7031b175bdccc0d9423
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
1c542e17b6f0b2503d96cc8d680e83cff629c472078334b0d6e9052311799e9a
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
1d35a435c34e52e98e05cdda07d86d384e983dc8400effc1af4c968375ba3ea4
1d4550d1876b9231dc478884c6ab6debda970b1f7039dc61574b59e87e120f80
1f6ee50b8a05156cb9a14189cf2062108df86b13b92c1abf1e466dda6a16c42b
1f8a69b2a2b34f9ad653d8d8627fb36573303a4442a5aff2699707a5ccebf033
1f9d6e081cf4d79d85207e094fb7a4c2e56eec4439d36f2a9192e7fafacfb1e4
23d808aef91f5fc3308dd8c97bde0383aef646942ae9b5d76c441da284469294
270d68c001d05e764b3ccd047bedf93a8376bfd08b44124a67b9fa31e335cea8
29e62e3f4ac6ff8f0c0f77a4831f50c8b5f5b0fbf4e15fac20706403f18e77af
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
2cb36489072c0eb085096a47bfcced826b7a973e5f294d5a2b54bf16df3449d9
2db8a17071a84db871db43c811fff45f70d7c585008ea4c173ba6967eb318642
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5f70d2fdc346a476b18e9e53b68feb31e03c5ffad3a96e93d66a65202e12f5
2e7c613fa1ab0fccef77c4fa15a81e845cf9ca5cbb96206a846d01d16a8e4890
2ea07afd59f660225e82c177586447bf9960c48e6b1beb9b810e27a0be16ed9a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300e2db7f019d940ffcb00bff1342eeeab8b4c44806e34b91f9e2c49432171aa
30887d75ca7268ceabc93067bca019f8ffe07189630a759407b236736e1f15af
32a2baa1b5a0e87a7b49efbf01793684e0c5b719f13c73e6216143dc34e4ff60
38d24b8ee4fa72b4dfa7c973ce582e199058011a870cfbb2b302713b43cc9a7d
39596e30c50151227833090f7ad2aabb5046c4a4ae5e326a6735e6c97f0727f6
3984f4ff65bd39033cef8165012c524c15f3311bc2af7cfcf5e7b42695b86af1
3cb2998606348bb67bb449d2d66d401316b1bd4dcf2d9305591e76a32a65c989
3cd373edcb087cffed39501ed5c514c75b35742ae40ab902e66a2fa3329f7d7c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4211a7606f8c484f8b30ecd2ce63912647fd7171afdc560d29b86be14ce2299a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b848ce1bea5ca25251a1c22058f8df660f1c8161c21ebc13a9ba55ec479d10
46741055435fbb7a9c4232d2cd616fac2e3c95a35fd8abee56d1bf4cafcea2f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47136135f5a6927b97483def6b726635568e8bde0a6e0d529f2fc7b339df2fcd
4791b946c38fb7a1b5312cdda6648ebf26545b66ab5442ca55e8e5b3fbc30745
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4bc67d3396eab04f5d1e931521f356c45d04196a9fdda1f253885c0e8d3e6865
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
50fbbe164918e6fb86e26b49d99c193d1c36ec6bbf9a51b9967ca74f2282ccde
522df8cb457dc9f9c617f00dbe2e1ba22153c7280950c15c53bdc48cf53561a7
541f6cd48953a57e245ad797db319feebdf348d6e8d6679b87e26ebf472483fc
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556cbf0e32ca74b6dd14e43cc605991cbe1540ed23137b899478956b1d0339e4
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
5742fd5f5732b0624b73dd0b75e3254f27006d05a8df9140d46096641ba86174
57ed6dfe36a2b2680ab6067032185f2c4cccc534b118a3d2067c6b643ef43678
596d0697f7fe2fee2638e31704feed4271c6f50ee35313e63fb6cad33852ce94
5c03b405d14153c087a3dd2bfc3af6083b98a18211513e01bed4c0b021fe2204
5cb2f9d5751adddc5dbb6b84f3acb99d61a76bf394924b8c31ee273d89165770
607c66d6b4faa9b281256002781e328f532d10ffb5b6ee85fdb1bd62bee24f08
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
641722c8b7f9d9505d23675a925c474d4384dd24889195c0366a9d60aec0362f
64281196f4a88ed70ddd5e3007f2ff0346ff3872bbe7f18ab84d3fdb7c49b32f
65c81184188dbad62e30ef303bca3f40738d98a398fe95b39cca95b249c67765
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
67e65380e1c5dd66af7f036236903078838c1132fdca4ab62cb4972d6c142649
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6aad608c392bc7481be6731e6c486c32916ec8070612373d0628247c1545f5f6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c13a6e27988f84e3525e60ea308b444b49587fd3ecf07037d8fbd424c263476
6d989a137e0bcaf45b9249baa60d31eaa581c044a08b5e21f813f3fd0f3c8a2d
6ddc26cc39b8b285a3802dc9fd6fbb5487d8f426f0aa2ac53006bf3a3421e9c1
6fa04d8b4b07ebd5ebb250e33b532615e80dd02d46afb5cc0654c3c128b1c427
6fd12dc3f341d3ecadcee02df70fd7ef4b398b89fd3431a5a000243e96fc2718
707ddb43b139bb8c34f6815e1aa134629f7776ca24aa1e63b25af3db9c29191d
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7383584b3df6b07b89f08428bdff19f3fad4c441b050086bc749120c61437c04
7cfe9382eafc9511e5e434580ff80104d0875a9700e34d8e5d0d68f2baf7e7e4
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f56c48a0f946027b414f31bd15e9ea8eb28790eceb091bc6a4d6726c5259b00
7ff5b2007ed12ff3da8b5dd4ba0be0783335f042fc29b63435b3df56dd02180d
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
85e0cee6200391ca019396a438c1c3d4886d0416015acc2d276d815726c39ed0
8623be0d7e4885c0e014ba9ca2036cef10b6f4f5d0ba5e1bf3fadb03cc147e8c
862d72189e79222ecf63eeb540b5c968ab7fb26f467ab436ea9999990b0ed0ca
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8c7865a07da1b9d9eb1256aeda2e62e99fa0de7f5d60498357e6c6cf00bfb367
8ce113bbf0b3136cbb50dbdde8bb26c3e0d3032620c83b1cd6fd2b9d2beb0225
8ce315ab2156a5aace70c98db4dfef7e593bc7c9b32699492587ebf8ec53e052
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
958e28bc668ef4f2e177884feeb001f2024f40838d21856dcc4f2951615dc5e4
970358058c7a4397d9966980f7668e89c4a87f2619e9fa4d6119af1498c3396b
97f44af88ef007d4448a88be4dbb10ef5174255be2dfb30d653ea18fd79751f2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f54e6bf6e29a540c9186a2be62d944f3df2619a4ade0da0aadd4ad0f4fcaf6
9b062c4377a8ebbe4b1f326b8d4591e1f6de41d1359f48a59961bbbb8a7961ad
9c1bfcfd90e51667dd83611f66654ea832bf5833b32abecc5501ec19c39b5993
9fd9d2223b7b0b163d5872d630cc68ea05daa105e19c3a8de5981f20358b681c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a75f39c5757b0cfb77c86b38e0ef416aeb38eacddc3c9158d16ad65869c1f4cf
a7cc1c0a78c74129a8c173cf11de37ec09eb2d51bc63a5ca452fa966d7c211f8
a8a0693d95e59016bded7bcb8e9e16448cf6cad486358cf9d46df952e75e6e2d
a938a2150d786d29c45dce07f3ba0b81eb04ca3f9da2d7688d06058509ba2c5c
aaca8b3e90f354ceb963d2ce112cd68a2dce76b711d6a802000addf0e7ffbb77
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039
adbd4855a8c8b406e9f528883f91e4cad19d3051400f5bdba7dadf446a8d6815
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
afcd7eae5d0720a264f530e379454b66d413ceb9c11c333da026a8cc2c1cb54d
b01d53596221a10ad89cd142297dd43310bbe0531fe4694fd590fdbeebf5a18d
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b867ac437b30bd53f92899eff8a032b87aba4077354eb274368bc25888389d19
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb370110f64dfcaf5d851a20e610037840980ee2627b4507b3427cf8a2e37124
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
be16dce573945b7bbc66dd1eb20fa5949d17d6585f48b2f1ccfa6e7db7240dc6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c80f26852c5c3cdf30041c656b2410f4805a7c1c9de9ee54854d0d08ebdce85c
c9535891aa33ecb83b7bc32deb9995f2d7408df3ec66a111c1faaf10f354056c
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8d2666fdbdec1c532294446cdfcb17760fae6c0d5f04f0e30e5ee64da6e788
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2975ad9fed76943cd29612c490a47ff3885a95e75457aeef4a6d1c8752f156e
d5e9c7abd3990ae5655dbd663c0af4e539eee368f1bf308d62d83866fb79774c
d76a32c0f67bc0afd51c84000c98148846f284257b7ed16c437b0a21f3ac44c4
d79ede867e31cc892b29bed89f510c166dae4f43c3fc24785e9184fd0bfac16d
d7f2a6a4e1ca0345e8813bdc5c48a9bf9b02f9b96d4a31b260841b089a948a94
d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb
d851b241b34cdb2839594f11db847375c382c26c2a5bb38e5229cca93f178ed2
d8a73607bb37cfd6ada8a3bcdd55aa671988b829b76e9d15833885b8a94f7bf9
d947b805e04a78be4629fbf610ad54b7bdd217b422c9b566fbbef83b84d86d12
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de87bb69f975f75ecc1e95684d9f1bdaaae75bcbbb118b4b280a8c425be735c6
e286031bab2a01f6284da514b3feb85b3a65a264d5d0172329ea44f698d46314
e2a34e11ebf0ce5dc89f255eaba05379c048b35c2e259f719162caf48ba2fbdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e611f58b19c2ff6aba81588e7b0a148e523d8acbadc40092f8de5f50dca2f93c
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
e738d6a7bb359fe3c36cf7f34b1701ac10e21f5b8df7a1db4b4448a71c1a818e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e88e9b8dfe97af4f2c61338518effa4a01451f210619a9fea9b1a3bd9746ac47
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
ea91280f0bd697d996db882b3b493fddcd2870c0bf2f2b0c24f382249eb48a96
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eccd38680a730362f3e1c7bf8a8215808a4d79a1189ef9732b10bcf89150de7b
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efea659079a0c30c3a180f1ba8f9acf0b54a1a0033961490179f838dfc6ad247
f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64
f41bcc9c9a485fcff259943e6e6cdc70393618aa13076f4d5dfcaba16488fdda
f49cc53a7ce96e4476a352ccf35e886ef1a6328a167f558a970e6268a379c643
f511fa7924776077436e0e7c47d96a420282192ee4f9c5dc96def26cb856c709
f54e3223688b13aabdb70b64de73dd290ac5c5a6af29ced4a3677212c94b58ff
f5f3ffbc113e9eaf870fc8aacceae9f84ba5fe2117184cb1432834b5d97ff6a7
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f76140f6be6fb9c864f45f5f2ef648066dc3ea448c29c0bbfd8b3acf51883066
f7b8af9b735073ec39e38018ae49ba7396286cd7e2cb2c4d457885ff41ad755f
f918083d056ed60d25f5f4a01660991185490f91c27b0ea14fe063e6291f205c
fa23132735379ba3a4e870aa325f80c4792f1be7d1ac9ab1b4563ef3d9702816
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e